Firefox base ( Security Testing Framework ) - (HconSTF)

Hcon Security Testing Framework (HconSTF) v0.5 [Fire Base] - codename 'Prime'


 ဒီေဆာ့၀ဲလ္ေလးဟာဆိုရင္ Mozilla ရဲ ့ Firefox Browser ကို အေျခခံထားတာျဖစ္ျပီး  WEB အေျချပဳ 
 Penetration Testing   လုပ္ဖို ့အတြက္ အေကာင္းတစ္ကာအေကာင္းဆံုးထဲက Best  of the Best ျဖစ္ပါတယ္၊
Firefox ကိုအေျခထားတာျဖစ္တဲ့အတြက္ေၾကာင့္ ကိုယ္လိုခ်င္တဲ့ Addons ေတြကိုလည္းထပ္သြင္းထည့္လို ့
ရမွာျဖစ္သလို Browser ၾကီးပဲသံုးမယ္ဆိုရင္ေတာင္ အင္တာနက္ကို ျမန္ဆန္ေစလို ့ ရိုးရိုး Firefox ထက္
ေတာ္ေတာ္ေလးကို အားသာတာေတြ ့ရပါတယ္၊ 
security testing stages မွာလည္းအမ်ားၾကီး အသံုး၀င္ပါတယ္၊ ဒီေဆာ့၀ဲလ္နဲ ့ လုပ္လို ့ရတာေတြကေတာ့
  • Web Penetration Testing
  • Web Exploits Development
  • Web Malware Analysis
  • Open Source Intelligence ( Cyber Spying & Doxing )

တို ့ပဲျဖစ္ပါတယ္၊


1. IT Security Professionals
2. Web Bug bounty Hunters
3. Web Developers
4. IT students or any one interested in IT security    တို ့အတြက္လည္းအင္မတန္မွအသံုး၀င္ျပီး သင့္ေတာ္ ေကာင္းမြန္ပါတယ္၊
Version Info :
Current version : 0.5 codename 'PRIME'
Type : Portable (no need to install , run from pendrive or any memory card)
Platform : Windows : XP , Vista , 7 both x32 & x64, 8, Linux (wine)
                  Linux : All Linux distributions are supported including Kali, Backbox, Blackbuntu, Weakerthan

Best of the Best ထဲကမွ ကၽြန္ေတာ္ေျပာဖို ့ ေမ့သြားတာ ဒီေဆာ့၀ဲလ္ေလးက ထာ၀ရ Open Source ပါ။
Portable Version ျဖစ္ျပီး  USB drive လို  memory stick or card ေတြထဲမွာလည္း ထည့္ျပီး လိုတဲ့အခ်ိန္

ေနာက္ဆံုးအေနနဲ ့ေျပာခ်င္တာေတာ့ ဒီေဆာ့၀ဲလ္ေလးျဖစ္ေျမာက္လာျခင္းရဲ  ့အစ မူလဘူတ ဖန္တီးရွင္ကေတာ့ ကၽြန္ေတာ္တို ့ ျမန္မာႏိုင္ငံရဲ  ့ Best if the Best Hacker Group တစ္ခုျဖစ္တဲ့    
YGN Ethical Hacker Group ကဖန္တီးလိုက္တဲ့   Hackerfox အေျခခံျပီး ဖန္တီးထားတာ ျဖစ္ပါတယ္၊

Hacker Friendly

Fully Customizable, Versatile in Usage can be used in many Web related hacking needs, Simple and easy to use interface, small in size and light on resources. contains hundreds of features for :
  • Web Penetration Testing
  • Web Exploits Development
  • Web Malware Analysis
  • OSINT & Cyber spying

Exploitation ready

Very comprehensive and plenty of tools for exploitation and supports verbose debugging features for Web Exploit Development.


HconSTF contains blend of online and offline tools for Pentesting called 'WebUI'.
includes scanners, encoders, and much more


IDB is Integrated database with huge amount of Web payloads like :
  • Xss
  • Sqli
  • LDAP
  • Command execution

Osint Ready

Helps in many Open source intelligence based tasks like
  • Passive Web & Network Reconnaissance
  • Doxing
  • Cyber Spying
  • Hash cracking
Huge amount of Plugins more than 165

Obfuscation Ready

Encoding / Decoding & hashing Features and tools, supports wide variety of formats, character set and algorithms for making payloads undetectable.

Decoy Ready

Darknets and proxies integrated, Spoofing tools. supports integration with many decoy options, includes many tools for proxies and anonymizing networks
readily configured for :
  • Tor
  • AdvOR
  • I2P
  • Https, Socks 4 / 5

Enhanced Reporting

Contains many integrated useful reporting features like :
  • Screenshots
  • Note taking
  • Session saving & exporting
  • Custom Url Logging
  • Automated Request logging

Hacker Helper

Includes Hackery-Hybrid, collection of huge amount of learning bookmarks for learning any techniques, tools.

More Features :
  • Available for both all Windows and Linux based systems
  • Easy to use & collaborative Operating System like interface
  • Includes Custom scripts for doing many pentesting tasks
  • Includes Cleaner for running HconSTF smoothly
  • Light on Hardware Resources & Small in size
  • Portable - no need to install, can work from any USB storage device
  • Multi-Language support (Partial)
  • Works side-by-side with your normal web browser without any conflict issues
  • Works on both architectures x86 & x64 on windows XP, Vista, 7 and on Linux with Wine
  • Netbook compatible - User interface is designed for using framework on small screen sizes
  • Free & Open source and always will be

Categories of tools :
  • Recon / Mapping
  • Editors / Debuggers
  • Exploitation / Audit
  • Anonymity
  • Passwords
  • Cryptography
  • Database
  • Scripting / Automation
  • Network Utilities
  • Reporting
Share on Google Plus

About puupuu nya

This is a short description in the author block about the author. You edit it by entering text in the "Biographical Info" field in the user admin panel.
    Blogger Comment
    Facebook Comment


Post a Comment