Advanced Security Testing Toolkit & Password Analysis Engine
SEC-SUITE is a comprehensive security toolkit designed for professionals, penetration testers, and educators. It unifies powerful password auditing capabilities with essential network reconnaissance tools in a single, modular interface.
Whether you prefer a CLI for ease of use or Raw Terminal Commands for automation, SEC-SUITE adapts to your workflow.
| Category | Capabilities |
|---|---|
| 🔐 Password Attacks | Markov Chain (Probabilistic), Brute Force (Configurable), Dictionary (Multi-threaded), Rainbow Table |
| ⚡ Performance | Multi-threading across all modules, Smart Hash Auto-detection |
| 🛡️ Modern Hashes | Support for Argon2, Bcrypt, Scrypt, SHA-256/512, MD5, and more |
| 📡 Network Ops | Multi-threaded Port Scanner, Service Discovery, CIDR support |
| 🛠️ Utilities | Encoding/Decoding (Base64, Hex, URL, HTML), Password Strength Analyzer |
- Python 3.10 or higher
- Poetry (Dependency Manager)
- Clone the repository
git clone [https://github.com/gab-dev-7/sec-suite.git](https://github.com/gab-dev-7/sec-suite.git)
cd sec-suite
- Install dependencies
poetry install
- Activate the environment (Important!)
poetry shell
Note: This command enters the virtual environment. Your terminal prompt should change. You can now run the commands below without poetry run.
If you are new to the tool or prefer a visual menu, start here:
python run.py
- Breadcrumb Navigation: Never get lost in sub-menus.
- Progress Indicators: Real-time visual feedback for long operations.
- Input Validation: Handles errors gracefully.
(Ensure you have run poetry shell first)
📖 Dictionary Attack
Traditional wordlist-based recovery. Automatically downloads rockyou.txt if missing.
python main.py crack -t <HASH> -a sha256 -m dictionary
🧠 Markov Chain Attack (New in v2.0)
Probabilistic generation using machine learning models trained on real password databases.
python main.py crack -t <HASH> -a md5 -m markov --max-passwords 50000
🔢 Brute Force
Exhaustive search with custom character sets (l=lower, u=upper, d=digits, s=special).
# Brute force a SHA1 hash, length 4-6, lowercase + digits
python main.py crack -t <HASH> -a sha1 -m bruteforce --charset "ld" --min-length 4 --max-length 6
🌈 Rainbow Table
Instant lookup using precomputed tables.
python main.py crack -t <HASH> -m rainbow --rainbow-table my_table.rt
# Scan a single IP
python main.py scan -t 192.168.1.5 -p 1-1000 --threads 50
# Scan a subnet (CIDR)
python main.py scan -t 192.168.1.0/24 -p 22,80,443
# Analyze password strength
python main.py analyze -p "Sup3rS3cr3t!"
# Base64 Encode
python main.py encode -d "hello world" -e base64 -o encode
# URL Decode
python main.py encode -d "hello%20world" -e url -o decode
sec-suite/
├── attacks/ # Modular attack implementations
├── tools/ # Network scanner and Encoders
├── utils/ # Core logic (Hash detection, Logging)
├── data/ # Wordlists (auto-downloads rockyou.txt)
└── main.py # CLI Entry point
SEC-SUITE uses data/rockyou.txt by default. To use your own:
- Place the file in the
data/directory. - Run with the
-wflag:
python main.py crack ... -w data/my_custom_list.txt
All operations are logged to sec-suite.log. Use this for debugging or audit trails.
tail -f sec-suite.log
SEC-SUITE is strictly for educational purposes, authorized security research, and personal auditing.
- DO NOT use this tool against systems you do not own or do not have explicit permission to test.
- DO NOT use this tool for malicious purposes.
The developers assume no liability and are not responsible for any misuse or damage caused by this program. By using SEC-SUITE, you agree to these terms.
We welcome contributions!
- Fork the repository.
- Create a feature branch (
git checkout -b feature/AmazingFeature). - Commit your changes (
git commit -m 'Add AmazingFeature'). - Push to the branch (
git push origin feature/AmazingFeature). - Open a Pull Request.
SEC-SUITE v2.0 - Advanced Security Testing Toolkit