H@xc0rd is a simple yet powerful Discord bot for the utilization of common tools frequently used in network security, without the need to understand Linux.
“With only one command to start it, there’s no reason not to love it,” says H@xc0rd mastermind Bradley Chavis (Advancing Computer Science, Network Security). “No more struggling to set up a Linux machine, or trying to find all the tools compatible with Windows. It’s just one command and you’re done.”
H@xc0rd tools range from exploit to recon, including Hashcat, Hydra, Nmap, Shodan and many more. Each tool has its own custom-built help section to guide the user through understanding what the tool is, how to use it and how to use the results gained from it.
H@xc0rd was built off the node.js run time library, leveraging many libraries along the way, such as Discord.js and axios. The different commands are based on modules, enabling them to be loaded dynamically. This offers another benefit — the ability to limit users to certain tools and commands. Since many tools within this project can be intrusive to the local network that it’s hosted off of, the bot owner can adjust who has access to what tool at any time, significantly limiting the chance for it to be abused.
H@xc0rd is even simpler to use on the server this bot is hosted on — only a Discord account and a basic knowledge of the platform is needed. To use the bot, simply tighten the specified prefix that can be found packaged sub.js on file and the command you want to run. Such as a “!ping” command, which gives you latency to the bot.
Crack a password hash with java ripper and show off the results to everyone on the server. You no longer need to export the results of the tool to a file and send that file to others, time and time again. Better yet, want to find information on how many times a certain password has been compromised, like password? Use the “!haveibeenpwed,” which utilizes the haveibeenpwed guy to query and display the results.
Want to find out information about a machine accessible to the public internet through “!shodan,” and don’t know where to start? Start with H@xc0rd. Just add the help argument after any command for a comprehensive description of the tool, arguments that can be used with the command and external resources to learn more about that specific tool.
Now you may ask, how do I know all the commands in the first place? Well, the command “!commands” of course, which lists out all the available commands. Currently, there are approximately 15 types of tools implemented into this project.
As time goes on, new tools come along and current ones slowly fall out of date by not getting updated. To accommodate this, Bradley and project partner David Austad (Network Security) will consistently update the tools within the project, removing and replacing them with new ones that provide similar results.
If there is a tool that hasn’t been implemented yet, but you really want to use it, you have the freedom to add it yourself. H@xc0rd was built so that a new tool can be implemented in a matter of minutes!
During the building of this project, Bradley and David ran into a big issue — at first, the only way to run H@xc0rd was on Linux. Since this didn’t comply with the final goal of utilization by everyone, they searched for a solution and found Docker, a virtualization platform that allows operating systems’ environments, like Linux, to run on systems that generally wouldn’t support that, such as Windows or Mac OS. Docker’s implementation into this project allowed H@xc0rd to be hosted on nearly every operating system and can easily be tuned if one doesn’t work perfectly through the provided install script.
Another goal of the project was to make it as simple as possible for the user to set it up through install scripts. The entire install process was automated through bash scripts to run natively on most Linux systems.
Saving the best part for last, it’s free and open source. Bradley states, “You will never be limited with what you can do with this project, only by your imagination.” As time goes on, Bradley hopes others will contribute to it as well. Currently, H@xc0rd is only available via GitHub with plans in the works to host it through Docker as well.
Take your ideas and make them happen with UAT’s Advancing Computer Science degree.