Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

aeondave/hakrawler

Name: hakrawler
Author: aeondave

offensive-tools/recon/hakrawler/SKILL.md

npx skillsauth add aeondave/malskill hakrawler

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Hakrawler

Fast Go web crawler — discover URLs, JS files, forms, and endpoints.

Quick Start

go install github.com/hakluke/hakrawler@latest

# Crawl a domain
echo https://target.com | hakrawler

# Depth 3, include subdomains
echo https://target.com | hakrawler -d 3 -subs

# Output as JSON
echo https://target.com | hakrawler -json

# Pipe multiple domains
cat domains.txt | hakrawler -d 2

Core Flags

| Flag | Purpose | |------|---------| | -d N | Depth (default: 1) | | -subs | Include subdomains | | -u | Unique URLs only | | -insecure | Skip TLS verification | | -t N | Threads | | -timeout N | Timeout per request (s) | | -H "K:V" | Custom header | | -json | JSON output | | -scope REGEX | Limit to URL pattern | | -plain | Print plain text (no color) | | -proxy <url> | HTTP/SOCKS5 proxy | | -cookie <str> | Cookie string | | -dr | Disable following redirects | | -w N | Wait N ms between requests |

Common Workflows

Build URL inventory for fuzzing:

echo https://target.com | hakrawler -d 3 -u | tee urls.txt
# Feed to ffuf
ffuf -w urls.txt:URL -u URL -mc 200

Discover JS files:

echo https://target.com | hakrawler -d 2 | grep "\.js$"

Combine with httpx for live check:

cat domains.txt | hakrawler | httpx -silent -mc 200

Scope-limited crawl (stay in scope):

echo https://target.com | hakrawler -d 3 -scope ".*\.target\.com.*" -u

Extract API endpoints:

echo https://target.com | hakrawler -d 3 -u | \
  grep -E "(/api/|/v[0-9]+/|\.json|\.xml)" | sort -u

Form action discovery:

echo https://target.com | hakrawler -json | \
  jq -r 'select(.type=="form") | .source'

Multi-target via live hosts:

subfinder -d target.com -silent | \
  httpx -silent | \
  hakrawler -d 2 -u | sort -u > all_urls.txt

Resources

| File | When to load | |------|--------------| | references/crawl-tips.md | Scope filtering, JS analysis, pipeline patterns, JS secret extraction |

aeondave/hakrawler

offensive-tools/recon/hakrawler/SKILL.md

Auth/lab ref: Fast Go web crawler for discovering URLs, endpoints, and JavaScript files. For crawling web applications to build a URL inventory before fuzzing or during OSINT on web infrastructure.

4 stars

development

Updated Jun 8, 2026

$ install --global

skillsauth

npx skillsauth add aeondave/malskill hakrawler

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 8, 2026, 3:58 AM126.7s2 files scanned

SKILL.md

name:: hakrawler
description:: Auth/lab ref: Fast Go web crawler for discovering URLs, endpoints, and JavaScript files. For crawling web applications to build a URL inventory before fuzzing or during OSINT on web infrastructure.
license:: MIT
compatibility:: Go; Linux/macOS/Windows.
author:: AeonDave
version:: 1.1

Hakrawler

Fast Go web crawler — discover URLs, JS files, forms, and endpoints.

Quick Start

go install github.com/hakluke/hakrawler@latest

# Crawl a domain
echo https://target.com | hakrawler

# Depth 3, include subdomains
echo https://target.com | hakrawler -d 3 -subs

# Output as JSON
echo https://target.com | hakrawler -json

# Pipe multiple domains
cat domains.txt | hakrawler -d 2

Core Flags

Common Workflows

Build URL inventory for fuzzing:

echo https://target.com | hakrawler -d 3 -u | tee urls.txt
# Feed to ffuf
ffuf -w urls.txt:URL -u URL -mc 200

Discover JS files:

echo https://target.com | hakrawler -d 2 | grep "\.js$"

Combine with httpx for live check:

cat domains.txt | hakrawler | httpx -silent -mc 200

Scope-limited crawl (stay in scope):

echo https://target.com | hakrawler -d 3 -scope ".*\.target\.com.*" -u

Extract API endpoints:

echo https://target.com | hakrawler -d 3 -u | \
  grep -E "(/api/|/v[0-9]+/|\.json|\.xml)" | sort -u

Form action discovery:

echo https://target.com | hakrawler -json | \
  jq -r 'select(.type=="form") | .source'

Multi-target via live hosts:

subfinder -d target.com -silent | \
  httpx -silent | \
  hakrawler -d 2 -u | sort -u > all_urls.txt

Resources

| File | When to load | |------|--------------| | references/crawl-tips.md | Scope filtering, JS analysis, pipeline patterns, JS secret extraction |

Related Skills

aeondave/vibe-audit-technique

development

VerifiedTrustedCommunity

White-box auditing methodology for AI-generated ('vibe-coded') applications. Focuses on modern stack misconfigurations (Supabase, Next.js, Vercel).

4SKILL.mdUpdated Jun 12, 2026

aeondave/vibe-audit-technique

aeondave/source-review-technique

development

VerifiedTrustedCommunity

Hybrid AI/Deterministic SAST methodology for discovering zero-day vulnerabilities in source code. Orchestrates structural search with AI-driven data flow and sink validation.

4SKILL.mdUpdated Jun 12, 2026

aeondave/source-review-technique

aeondave/hardware-technique

development

VerifiedTrustedCommunity

Auth assessment: hardware/embedded methodology; UART/JTAG/SWD/SPI/I2C, firmware extraction, boot/debug paths, embedded OS evidence.

4SKILL.mdUpdated Jun 12, 2026

aeondave/hardware-technique

aeondave/container-technique

devops

VerifiedTrustedCommunity

Container methodology: Identifying containerization limits, Docker/K8s misconfigurations, and executing escapes to the host node.

4SKILL.mdUpdated Jun 12, 2026

aeondave/container-technique

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/aeondave/malskill.git

# Copy into Claude Code skills folder (global)
cp -r malskill/offensive-tools/recon/hakrawler ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

aeondave/malskill

4 stars

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT