SEC-SUITE

SEC-SUITE is a comprehensive security toolkit designed for professionals, penetration testers, and educators. It unifies powerful password auditing capabilities with essential network reconnaissance tools in a single, modular interface.

Whether you prefer a CLI for ease of use or Raw Terminal Commands for automation, SEC-SUITE adapts to your workflow.

🚀 Key Features

Category	Capabilities
🔐 Password Attacks	Markov Chain (Probabilistic), Brute Force (Configurable), Dictionary (Multi-threaded), Rainbow Table
⚡ Performance	Multi-threading across all modules, Smart Hash Auto-detection
🛡️ Modern Hashes	Support for Argon2, Bcrypt, Scrypt, SHA-256/512, MD5, and more
📡 Network Ops	Multi-threaded Port Scanner, Service Discovery, CIDR support
🛠️ Utilities	Encoding/Decoding (Base64, Hex, URL, HTML), Password Strength Analyzer

📖 A Guide for Beginners

What is SEC-Suite?

SEC-Suite is a free, open-source tool for security testing. It’s a command-line interface (CLI) tool, which means you interact with it using text commands in a terminal. Think of it as a smart assistant for security tasks. It’s built in Python and is meant for ethical and educational use only.

Core Concepts Simplified

Passwords and Hashes: A password is like a key. Systems store them as “hashes”—scrambled versions (e.g., MD5 turns “password” into “5f4dcc3b5aa765d61d8327deb882cf99”). Cracking tries to reverse this to find the original password.
Networks and Ports: The internet is like a city of houses (devices) connected by roads. Ports are the doors on those houses (e.g., port 80 for web traffic). A port scan checks which doors are open, helping to assess security.
Encoding: This process converts data into a different format for safe transmission (e.g., Base64 turns text into a string of letters and numbers).

📦 Quick Start

Prerequisites

Python 3.10 or higher
Poetry (Dependency Manager)

Installation & Setup

Clone the repository

git clone https://github.com/gab-dev-7/sec-suite.git
cd sec-suite

Install dependencies

poetry install

Activate the environment (Important!)

poetry shell

Note: This command enters the virtual environment. You can now run the commands below without poetry run.

🎮 Interactive Mode (Recommended)

If you are new to the tool or prefer a visual menu, start here:

python run.py

Breadcrumb Navigation: Never get lost in sub-menus.
Progress Indicators: Real-time visual feedback for long operations.
Input Validation: Handles errors gracefully.

🛠️ CLI Usage (Advanced)

(Ensure you have run poetry shell first)

1. Password Cracking

📖 Dictionary Attack

Traditional wordlist-based recovery. Automatically downloads rockyou.txt if missing.

python main.py crack -t <HASH> -a sha256 -m dictionary

🧠 Markov Chain Attack (New in v2.0)

Probabilistic generation using machine learning models trained on real password databases.

python main.py crack -t <HASH> -a md5 -m markov --max-passwords 50000

🔢 Brute Force

Exhaustive search with custom character sets (l=lower, u=upper, d=digits, s=special).

# Brute force a SHA1 hash, length 4-6, lowercase + digits
python main.py crack -t <HASH> -a sha1 -m bruteforce --charset "ld" --min-length 4 --max-length 6

🌈 Rainbow Table

Instant lookup using precomputed tables.

python main.py crack -t <HASH> -m rainbow --rainbow-table my_table.rt

2. Network Reconnaissance

# Scan a single IP
python main.py scan -t 192.168.1.5 -p 1-1000 --threads 50

# Scan a subnet (CIDR)
python main.py scan -t 192.168.1.0/24 -p 22,80,443

3. Utilities & Encoders

# Analyze password strength
python main.py analyze -p "Sup3rS3cr3t!"

# Base64 Encode
python main.py encode -d "hello world" -e base64 -o encode

# URL Decode
python main.py encode -d "hello%20world" -e url -o decode

⚙️ Configuration

Project Structure

sec-suite/
├── attacks/          # Modular attack implementations
├── tools/            # Network scanner and Encoders
├── utils/            # Core logic (Hash detection, Logging)
├── data/             # Wordlists (auto-downloads rockyou.txt)
└── main.py           # CLI Entry point

Custom Wordlists

SEC-SUITE uses data/rockyou.txt by default. To use your own:

Place the file in the data/ directory.
Run with the -w flag:

python main.py crack ... -w data/my_custom_list.txt

Logging

All operations are logged to sec-suite.log. Use this for debugging or audit trails.

tail -f sec-suite.log

⚠️ Legal & Ethical Disclaimer

SEC-SUITE is strictly for educational purposes, authorized security research, and personal auditing.

DO NOT use this tool against systems you do not own or do not have explicit permission to test.
DO NOT use this tool for malicious purposes.

The developers assume no liability and are not responsible for any misuse or damage caused by this program. By using SEC-SUITE, you agree to these terms.

🤝 Contributing

We welcome contributions!

Fork the repository.
Create a feature branch (git checkout -b feature/AmazingFeature).
Commit your changes (git commit -m 'Add AmazingFeature').
Push to the branch (git push origin feature/AmazingFeature).
Open a Pull Request.