This project provides a Claude Code plugin that integrates over 183 pentesting and OSINT tools from the Z4nzu/hackingtool repository. It allows users to access and run these security tools through a conversational AI interface, automatically managing the execution environment. The primary benefit is simplifying complex security workflows by abstracting tool selection and backend execution, making advanced capabilities accessible to a broader technical audience.

How It Works

The plugin utilizes a Python script, ht_run.py, to orchestrate tool execution. It intelligently selects an appropriate backend: native Bash on Linux/macOS, WSL on Windows, or Docker. For many tools, it maps them to specific, pre-built Docker images (e.g., instrumentisto/nmap, projectdiscovery/nuclei) for faster pulls and cleaner execution. If a tool isn't explicitly mapped, it falls back to the kalilinux/kali-rolling Docker image. The script handles command execution, attempts retries with elevated privileges for permission errors, and returns results as structured JSON.

Quick Start & Requirements

• Installation: Add via the Claude plugin marketplace: /plugin install hackingtool@hackingtool-marketplace.
• Prerequisites: Python 3.10+ is required. Docker Desktop is necessary for the Docker backend. WSL is recommended for Windows users not relying solely on Docker.
• Links: Upstream Z4nzu/hackingtool: https://github.com/Z4nzu/hackingtool.

Highlighted Details

• Provides access to a comprehensive suite of 183 pentesting and OSINT tools across 20+ categories.
• Features automatic backend detection and selection (Linux/macOS native, WSL, Docker).
• Leverages purpose-built Docker images for many tools, ensuring efficient and isolated execution.
• Tools are tagged with 🟢 (plug-and-play) or 🟡 (environment-dependent) indicators to denote execution characteristics.

Maintenance & Community

This plugin is developed by ariacodez and serves as a wrapper for the upstream Z4nzu/hackingtool project. Specific community channels for the plugin itself are not detailed, but the upstream project's repository is the primary reference.

Licensing & Compatibility

The plugin and its upstream dependency, Z4nzu/hackingtool, are both released under the MIT License. However, usage is restricted to "authorized security testing, bug bounty, CTFs, and research only."

Limitations & Caveats

The plugin requires Python 3.10+. It does not support asynchronous tool streaming, meaning long-running tools will block the interface until completion or timeout. The Docker backend may pull the kalilinux/kali-rolling image on first use as a fallback. The 🟢/🟡 capability flags are heuristic and may occasionally require manual correction within data/tools.json.