# hcxtools mit Homebrew, apt, dnf, Nix, pacman installieren

Prüfe Installationswege, Executables, Metadaten und Sicherheitshinweise für hcxtools in AI-Agent-Workflows.

## Installation

```sh
sudo av install brew:hcxtools
```

Weitere Installationsbefehle:

### macOS

- Homebrew (100%):

```sh
brew install hcxtools
```

  Evidenz: local Homebrew formula metadata

### Linux

- Debian apt (92%):

```sh
sudo apt install hcxtools
```

  Evidenz: Debian stable package indexes: hcxtools from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz

- dnf (92%):

```sh
sudo dnf install hcxtools
```

  Evidenz: Fedora Rawhide package metadata: hcxtools from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

- Nix (92%):

```sh
nix profile install nixpkgs#hcxtools
```

  Evidenz: nixpkgs package indexes: pkgs/by-name/hc/hcxtools/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- pacman (92%):

```sh
sudo pacman -S hcxtools
```

  Evidenz: Arch Linux sync databases: hcxtools from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

## Paketfakten

- **Paketschlüssel:** brew:hcxtools
- **Paketmanager:** Homebrew
- **Paketmanager-Seite:** <https://formulae.brew.sh/formula/hcxtools>
- **Version:** 7.1.2
- **Quellzusammenfassung:** Utils for conversion of cap/pcap/pcapng WiFi dump files
- **Homepage:** <https://github.com/ZerBea/hcxtools>
- **Repository:** <https://github.com/ZerBea/hcxtools>
- **Upstream-Dokumentation:** <https://github.com/ZerBea/hcxtools#readme>
- **Lizenz:** MIT
- **Quellarchiv:** <https://github.com/ZerBea/hcxtools/archive/refs/tags/7.1.2.tar.gz>
- **Generiert:** 2026-07-08T07:18:31+00:00

## Executables

- hcxeiutool (cli)
- hcxhash2cap (cli)
- hcxhashtool (cli)
- hcxpcapngtool (cli)
- hcxpmktool (cli)
- hcxpottool (cli)
- hcxpsktool (cli)
- hcxwltool (cli)
- whoismac (cli)
- wlancap2wpasec (cli)
- hcxeiutool (Alias)
- hcxhash2cap (Alias)
- hcxhashtool (Alias)
- hcxpcapngtool (Alias)
- hcxpmktool (Alias)
- hcxpottool (Alias)
- hcxpsktool (Alias)
- hcxwltool (Alias)
- whoismac (Alias)
- wlancap2wpasec (Alias)

## Abhängigkeiten

- openssl@3

## Build-Abhängigkeiten

- pkgconf

## Von macOS bereitgestellte Bibliotheken

- curl

## Installationsverhalten

- Post-install-Hook: nicht definiert
- Bottle: verfügbar auf arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Version und Aktualität

- Seite generiert: 2026-07-08
- Manager-Version: 7.1.2
- lokale Daten: OK
- Upstream-Repository: https://github.com/ZerBea/hcxtools
- neueste erkannte Version: 7.1.2 (aktuell)
- Info: No package-manager update timestamp was available.
## Projektgeschichte und Nutzung

hcxtools is a Linux-focused suite for converting Wi-Fi capture files into hash formats consumed by Hashcat and John the Ripper. The upstream description frames it as an analysis toolkit for finding weak points in one's own wireless networks rather than as a password-cracking engine.

### Projektgeschichte

The GitHub repository was created in April 2017. Its scope settled around the conversion and post-processing side of WPA/WPA2 auditing: hcxpcapngtool converts capture files, hcxhashtool filters hash files, hcxpmktool verifies PSKs or PMKs, hcxpottool handles pot files, and related tools handle wordlist candidates, vendor lookup, and upload workflows.

The toolkit is closely paired with ZerBea's hcxdumptool, which performs packet capture and layer-2 WPA protocol tests. The documented workflow is hcxdumptool to hcxpcapngtool to hcxhashtool, optionally to hcxpsktool or hcxeiutool, and then to Hashcat or John the Ripper.

hcxtools evolved with Hashcat's WPA formats. The README emphasizes Hashcat mode 22000/22001 over older 2500/2501 and 16800/16801 formats, while the changelog records later work on FT-PSK PMKID and EAPOL conversion for mode 37100 and ongoing handling of EAPOL length limits.

### Adoptionsgeschichte

The package spread through security-oriented Linux distributions and general package managers because it solves a specific interoperability problem: turning packet captures into forms that established cracking and auditing tools can read. The batch input records Homebrew, Debian, Fedora, Nix, Arch, and Ubuntu packaging, but upstream itself warns that operating systems outside its Linux target are unsupported.

Its audience is narrower than a general network utility. Upstream expects knowledge of radio technology, 802.11 protocol behavior, key derivation, Linux drivers, capture filters, and related tooling. That technical bar shaped adoption among wireless-security practitioners and package users who already know the Hashcat/JtR workflow.

### Wie es verwendet wird

hcxtools does not capture traffic, crack hashes, attack WEP or WPS, or decrypt encrypted traffic. Instead, it converts, filters, verifies, and prepares artifacts: pcapng/pcap/cap input, PMKID and EAPOL hash lines, pot files, ESSID-derived candidate lists, vendor OUI lookups, and wpa-sec upload workflows.

The upstream README is explicit that output files may be appended to, that dump files should not be merged in ways that destroy custom block hash assignments, and that nonce-error correction is not performed by the tools. These details are why package users often care about exact upstream versions matching hcxdumptool and Hashcat behavior.

### Warum Paket-Nerds sich dafür interessieren

hcxtools is package-nerd significant because it sits at a brittle boundary between kernel Wi-Fi capture behavior, pcapng file semantics, WPA handshake interpretation, and Hashcat/JtR hash formats. Small changes in any layer can make a packaged version too old for a user's capture workflow.

The suite is also notable as a source-built C toolkit with many small executables rather than one command. Packaging therefore exposes a toolbox: hcxpcapngtool for conversion, hcxhashtool for filtering, hcxhash2cap for reverse conversion, hcxpottool for pot files, whoismac for OUI data, and more.

### Zeitleiste

- 2017: hcxtools repository created.
- 2019: 5.x releases published through GitHub releases.
- 2020: 6.0.0 and 6.1.x releases published.
- 2021: 6.2.x releases published.
- 2024: README simplified distribution-specific compile instructions and pointed users back to their distribution dependency names.
- 2025: 7.0.0 added support for relayed EAPOL messages.
- 2026: changelog recorded FT-PSK PMKID and EAPOL conversion work for Hashcat mode 37100.

### Related projects

- hcxdumptool captures the wireless packets that hcxtools converts and filters.
- Hashcat consumes the WPA/WPA2 hash formats that hcxtools prepares.
- John the Ripper is the other major password-auditing tool named in the README.
- wpa-sec is an upload target documented by the toolkit for testing captured material against common weak-key data.

### Quellen

- <https://api.github.com/repos/ZerBea/hcxdumptool>
- <https://api.github.com/repos/ZerBea/hcxtools>
- <https://api.github.com/repos/ZerBea/hcxtools/releases>
- <https://github.com/ZerBea/hcxdumptool>
- <https://github.com/ZerBea/hcxtools>
- <https://github.com/ZerBea/hcxtools/blob/master/changelog>
- <https://github.com/hashcat/hashcat>


## Sicherheitshinweise

narrow executable package without higher-risk signals.

- **Geiger-Risiko:** grün / niedrig
- narrow executable package without higher-risk signals

## Details aus der Quelldatenbank

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** hcxtools
- **Version Scheme:** 0
- **Revision:** 0
- **Head Version:** HEAD
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** head, stable

## Andere Paketmanager-Einträge

- Debian apt - hcxtools - 6.3.5-1: normalized package name match | Debian stable package indexes: hcxtools from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | Tools for converting captures to use with hashcat or John the Ripper | https://github.com/ZerBea/hcxtools
- Nix - hcxtools: normalized package name match | nixpkgs package indexes: pkgs/by-name/hc/hcxtools/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- Ubuntu apt - hcxtools - 6.2.7-2build3: normalized package name match | Ubuntu 24.04 LTS package indexes: hcxtools from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | Tools for converting captures to use with hashcat or John the Ripper | https://github.com/ZerBea/hcxtools
- dnf - hcxtools - 7.1.2-1.fc45: normalized package name match | Fedora Rawhide package metadata: hcxtools from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | Set of tools to convert packets from capture files to hash files | https://github.com/ZerBea/hcxtools
- pacman - hcxtools - 7.1.2-1: normalized package name match | Arch Linux sync databases: hcxtools from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | Portable solution for capturing wlan traffic and conversion to hashcat and John the Ripper formats | https://github.com/ZerBea/hcxtools


## Verwandte Links

- [Source-control packages](https://www.automicvault.com/de/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Terminal utility packages](https://www.automicvault.com/de/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/de/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/de/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [openssl@3](https://www.automicvault.com/de/pkg/brew/openssl-3/) - Runtime dependency declared by Homebrew.
- [pkgconf](https://www.automicvault.com/de/pkg/brew/pkgconf/) - Build dependency declared by Homebrew.
- [aircrack-ng](https://www.automicvault.com/de/pkg/brew/aircrack-ng/) - Shares av.db curated category or tags: cli, packet-capture, security, wifi, wireless.
- [pixiewps](https://www.automicvault.com/de/pkg/brew/pixiewps/) - Shares av.db curated category or tags: cli, security, wifi, wireless.
- [reaver](https://www.automicvault.com/de/pkg/brew/reaver/) - Shares av.db curated category or tags: cli, security, wifi, wireless.
- [ubertooth](https://www.automicvault.com/de/pkg/brew/ubertooth/) - Shares av.db curated category or tags: cli, security, wireless.
- [crunch](https://www.automicvault.com/de/pkg/brew/crunch/) - Shares av.db curated category or tags: cli, password-auditing, security.
- [hydra](https://www.automicvault.com/de/pkg/brew/hydra/) - Shares av.db curated category or tags: cli, password-auditing, security.
- [ncrack](https://www.automicvault.com/de/pkg/brew/ncrack/) - Shares av.db curated category or tags: cli, password-auditing, security.
- [search-that-hash](https://www.automicvault.com/de/pkg/brew/search-that-hash/) - Shares av.db curated category or tags: cli, hashcat, security.
- [retdec](https://www.automicvault.com/de/pkg/brew/retdec/) - Security-sensitive metadata or terminology overlaps. Shared terms: analysis, cli, openssl, openssl-3, security.

## Combined YAML source

View the package source record on GitHub. [combined/hcxtools.yml](https://github.com/automic-vault/db/blob/main/combined/hcxtools.yml)


## Quellen

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
