Professional cybersecurity analysis toolkit for CTF competitions and security research
Sectoolbox is a comprehensive web-based security analysis platform designed for CTF players, security researchers, and penetration testers. Built with modern web technologies, it delivers powerful forensics and exploitation tools directly in your browser with intelligent client-side and server-side processing.
Network Forensics:
- PCAP Analysis - Deep packet inspection with tshark integration
- USB PCAP - USB protocol analysis and packet decoding
- Network Intelligence - DNS lookups, IP info, headers analysis
File Analysis:
- Image Analysis - Steganography detection, EXIF extraction, barcode scanning
- Audio Analysis - Spectrograms, frequency analysis, hidden data detection
- Memory Forensics - Process analysis, credential hunting, artifact extraction
- Event Log Analysis - Windows EVTX parsing with MITRE ATT&CK mapping
Security Tools:
- Threat Intelligence - VirusTotal, AbuseIPDB, AlienVault OTX, HIBP integrations
- Crypto Tools - Encoding/decoding, hash analysis, cipher identification
- Python Forensics - Full Python 3.11 environment in browser via WebAssembly
- Folder Scanner - Bulk file analysis and pattern detection
Additional Features:
- Real-time job processing with WebSocket updates
- Automated threat detection and IOC extraction
- CTF flag pattern recognition (HTB, picoCTF, etc.)
- Export results in multiple formats (JSON, CSV)
Visit sectoolbox.cc to use the platform instantly - no installation required.
# Clone repository
git clone https://github.com/sectoolbox/sectoolbox.git
cd sectoolbox
# Install dependencies
npm install
# Start development server
npm run dev
# Visit http://localhost:5173
For detailed setup instructions, see Getting Started.
Deploy to production using Vercel and Railway:
# Deploy frontend to Vercel
vercel deploy
# Deploy backend to Railway
railway up
For complete deployment guide, see Deployment Documentation.
- Frontend: React 19, TypeScript 5.8, Vite 7
- Backend: Node.js, Express, TypeScript
- UI Framework: Tailwind CSS, shadcn/ui
- Queue System: Bull with Redis
- Python Runtime: Pyodide 0.28.3 (Python 3.11 in WebAssembly)
- Code Editor: Monaco Editor
- Deployment:
  - Frontend + API Functions: Vercel
  - Backend + Redis: Railway
For detailed architecture information, see Architecture Documentation.
Comprehensive documentation is available in the /docs directory:
- Getting Started - Installation and setup guide
- API Reference - Complete API documentation for all endpoints
- Architecture - System architecture and design decisions
- Security - Security practices and threat model
- Deployment - Production deployment guide for Vercel and Railway
- Contributing - Contribution guidelines and development standards
Additional documentation:
- Adding File Upload Analysis Pages
- Adding Backend Tools
- Event Log Automated Analysis
- Environment Variables
sectoolbox/
├── api/                    # Vercel serverless functions
│   ├── threat-intel.js     # Threat intelligence integrations
│   ├── nmap.js             # Port scanning
│   ├── headers.js          # HTTP header analysis
│   ├── passivedns.js       # DNS history queries
│   └── archive.js          # Wayback Machine integration
├── backend/                # Railway backend server
│   └── src/
│       ├── routes/         # REST API endpoints
│       ├── workers/        # Background job processors
│       ├── services/       # Queue, WebSocket, storage
│       └── utils/          # Shared utilities
├── src/                    # Frontend React application
│   ├── components/         # Reusable UI components
│   ├── pages/              # Application pages
│   ├── lib/                # Analysis logic and utilities
│   ├── services/           # API client, WebSocket
│   └── hooks/              # React hooks
├── public/                 # Static assets
└── docs/                   # Documentation
- Discord: Join our server
- GitHub Discussions: Ask questions
- Bug Reports: Open an issue
- Contributors: View contributors
We welcome contributions from the community. Before contributing, please review:
- Contributing Guidelines - Development standards and PR process
- Code of Conduct - Community standards
- Security Policy - Reporting vulnerabilities
Built for the cybersecurity community with modern web technologies.
Star us on GitHub if you find this project useful.