Skip to content

Sectoolbox First official release - v1.0.0

Latest
Latest

Choose a tag to compare

View all tags
@zebbern zebbern released this 11 Oct 14:34
· 351 commits to main since this release
v1.0.0
dfa48e4

We're excited to announce the first official release of Sectoolbox (v1.0.0) a modern, browser-based cybersecurity analysis platform built for CTF players, security researchers, and penetration testers.

{31C8E6BA-F832-4BB2-A455-24576CAFBEE5}

What is Sectoolbox?

Sectoolbox brings powerful forensics and exploitation tools straight to your browser. Most of our analysis tools run client-side and therefor works offline, improving performance and privacy. Integrations that require remote lookups (e.g., VirusTotal, Shodan) will clearly indicate when external APIs are used and require user-provided API keys in the .env file.

Key Features

Digital Forensics: 
- EXIF & stego detection, hex viewer, QR scanning, audio spectral analysis, PCAP and USB PCAP inspection, EVTX parsing, memory forensics, and recursive folder scanning.

Network & Threat Intel: 
- Shodan, Nmap (HackerTarget), IPInfo, PassiveDNS, crt.sh, VirusTotal, AbuseIPDB, GreyNoise and more (API keys required for third-party lookups).

Web Exploitation: 
- 240+ attack payloads, dynamic payload substitution (domain/IP/callback), favorites, and coverage across SQLi, XSS, RCE, SSRF, deserialization, HTTP smuggling, OAuth/SAML vectors, and more.

Crypto & Tools: 
- encoding/decoding, hash tools, classical ciphers, JWT decoder, and frequency analysis.

Privacy-first: 
- Many analysis operations execute entirely in the browser. No file upload required unless you explicitly use a remote scan.

Web Version (Recommended)

Access instantly at: https://sectoolbox.vercel.app

Self-Hosted

git clone https://github.com/sectoolbox/sectoolbox.git
cd sectoolbox
npm install
npm run dev

Getting Started

  1. Visit the Dashboard for quick access to all analysis tools
  2. Use the Search bar to quickly find specific tools
  3. Check the Network page for IP intelligence and scanning
  4. Explore Threat Intel for malware and breach analysis
  5. Use Web Tools for exploitation payloads with target substitution
  6. Try Crypto Tools for encoding, hashing, and cipher analysis
  7. Upload files to Image, Audio, PCAP, or EVTX analysis pages

Community

See Full CHANGELOGS for detailed version history.

Credits

Built with ❤️ by:

⭐ Star us on GitHub if you find this useful!

Made for the cybersecurity community 🛡️

Assets 3
Loading