This tool provides commandline access for HackTheBox, TryHackMe and VulnHub machines. Here's a quick listing of useful features:
- Look up machine details across HTB/THM/VH
- Track owned/pending/todo machines
- Interact with HTB portal and assign/remove/own/query machines
- Search writeup descriptions using ippsec.rocks like option
- Search machine details using
jq
-style query language
machinescli
works in conjuction with svachal framework. As such, if you wish to extend and use writeup metadata, it will be natively accessible via the sharedmachines.json
file.
Follow the steps below and run machinescli
to create the machines.json
file (to get your HTBAPIKEY
from HackTheBox, go to your username tab > Classic HTB > Settings > API Key):
$ mkdir -pv cd $HOME/toolbox/projects && cd $HOME/toolbox/projects
$ git clone https://github.com/7h3rAm/machinescli && cd machinescli
$ python3 -m venv --copies venv
$ source venv/bin/activate
$ pip install -r requirements.txt
$ mkdir -pv $HOME/toolbox/bootstrap # this directory will be used to store and access machines.json file
$ export HTBAPIKEY=<APIKEYHERE>
$ python3 machinescli.py --update
-
Show stats for machine named
bashed
, show extended details as JSON, export results for GSheet import: -
Search machine descriptions for keywords
buffer overflow
andbash
: -
Query
owned AND oscplike HackTheBox
machines using the built-in filter: -
Query
owned AND oscplike HackTheBox
machines using the built-in filter and show TTPs if machine writeups are available: -
Query
owned AND NOT OSCPlike
machines usingjq
-style syntax: -
Show
spawned
machines andexpiry
stats from HackTheBox platform: -
Perform
assign
andremove
operations on a HackTheBox machine:
Source the .bash-completion
file within a shell to trigger auto-complete for arguments. This will require the following alias:
alias machinescli='python3 $HOME/toolbox/projects/machinescli/machinescli.py'
You will need a Nerd Fonts patched font for OS icons and other symbols to be rendered correctly.