1. Introduction

HackOx is a web-based pentesting framework which implements a fully customizable user interface for nearly any tool out there. It can be operated two different modes: portable mode, in which you connect directly to the device and remote mode, that will connect the device on where it's installed to your own control for remote controlling (supports multiple devices). The interface can be customized by adding modules, which extend the core functions and implements tools running on linux and apps, which are scripts that can be executed with/without arguments and will generate a plain text output.

2. Installation

2.1. Dependencies

This dependencies will be automatically installed when running the installation script:

  1. apache2
  2. apache2-mpm-itk
  3. mysql-server
  4. cURL
  5. wput
  6. cron
  7. wget
  8. sudo
  9. wpasupplicant

2.2. How to install?

For installing hackOx just run this command on your cli:

wget -O hackox https://repo.hackox.net/client/hackox-stable.sh && bash hackox && rm hackox

Then create a new MySQL database and go to http://{HACKOX_IP}:8085/install and use the installer to setup the database:

3. Configuration

3.1. Configuration File

Multiple app and module repositories will be supported in future releases. Right now only one repository can be used.
The /var/hackox/www/config.php file contains all the configuration variables:

Variable Type Description
ENABLE_REPOS boolean Enable/disable connection with the app and module repositories
MODULES_REPO String URL where the modules.json repository file is stored
APPS_REPO String URL where the applications.json repository file is stored
LOGPATH String Path to hackOx logs directory
SW_VER String hackOx software version
3.1. Configuration Page

Inside the Config tab (hackOx panel), you'll find some quick configurations like admin username and password, wifi connections manager and hostname changer.

4. Applications

HackOx is designed for being fully modular and making life easier to module and app developers! Apps are single/multiple scripts (python, perl, bash, etc) packaged on a zip file, which can be used from the hackOx interface.

4.1. Application Manager

From this panel you can manage your installed applications. The 3 buttons on each app row stand for running the app in normal mode, running the app as root, and uninstalling the app from the device (if the app requires arguments, they can be typed on the Additional Arguments input). After running the app, the output will be displayed on the Output section and log to the app log file.

4.2. Application Installer

Installing a new app can be done uploading the app package or choosing one from the repositories previously configured (or default ones). The information loaded on this time is downloaded from the repo index files and will display the latest versions.

4.3. Application Logs

Each time an app is executed, the ouput will be logged to the /var/hackox/logs/apps directory. This files are removed when uninstalling an app or the Remove Logs function is used.

4.4. Application Development

Creating a new app is as simple as packaging your scripts + app.json file. This file need contains the essential information for running the app:

		"name": "Demo App",
		"version": "1.0",
		"author": "hackOx",
		"description": "Dummy app description",
		"directory": "demo",
		"run_command": "python3",
		"script": "demo.py" 

To install the app, go to Applications > Install App, and upload the .zip file. If you want it to be added to the official repository, please send us a message through our Discord/DM on Twitter.

5. Modules

For coding new modules, we provide a dev-friendly PHP and JS Module API, which can be used to create a custom interfaces for any Linux running tool.

5.1. Module Manager
5.2. Module Installer
5.3. Module Development

More information coming soon :D

Modules are packaged into zip file which contain the module files.

This file is used during the installation process.

	  "info": {
		"name": "Module Demo",
		"version": "1.0",
		"author": "hackOx",
		"description": "Module Demo description."
	  "tab": {
		"display": true,
		"name": "Demo Tab",
		"slug": "demo"
	  "support_xml": false,
	  "directory": "demo",
	  "controller": "demo.php",
	  "template": "demo.tpl",
	  "default_config": [
		  "key": "demo_config_key",
		  "value": "demo_config_value"
	  "install_commands": [
		"apt-get install test"

Available configuration values for the module config file.

Option Name Type Description
info Object Object formed by string name string version string author string description
tab Object Object formed by boolean display string name string slug
support_xml boolean Enable/disable XML export support
directory string Module directory name
controller string Module controller file
template string Module template file
default_config[] object Array Array of objects with the structure string key and string value
install_commands[] string Array Array of commands sort by execution