
CipherStrike simulates ransomware behavior, testing EDR defenses by encrypting files, exfiltrating data, and more.
CipherStrike is a Python-based ransomware simulation tool designed to test endpoint detection and response (EDR) systems. It mimics a real-world ransomware attack, encrypting files, exfiltrating data, and providing decryption functionality. A command-and-control (C2) server is included for victim communication, enabling testing and strengthening of cybersecurity defenses.
- 🛡️ Simulates Ransomware Attacks: Encrypts files and mimics real-world ransomware behavior.
- 💻 Command-and-Control (C2) Server: Allows communication between attacker and infected systems.
- 🔐 File Encryption: Uses AES encryption to secure victim data.
- 💾 Data Exfiltration: Sends encrypted data to a C2 server for testing exfiltration detection.
- 📝 Ransom Note: Generates a ransom note for victim systems to simulate a full attack scenario.
- Prerequisites: Ensure you have Python 3 installed on your system.
- Clone the Repo: Use "git clone https://github.com/Cursed271/CipherStrike"
- Change into the Directory: Use "cd CipherStrike"
- Install Dependencies: Use "pip3 install -r requirements.txt"
- Execute the PII Generator Script: Use "python3 CipherStrikePII.py"
- Execute the C2 Server Script: Use "python3 CipherStrikeC2.py"
- Execute the Ransomware Script: Use "python3 CipherStrike.py"
- Choose the Ransomware Mode: Encryption, Decryption or C2 Simulation
Have suggestions or feature requests? Feel free to reach out via:
- 🐦 Twitter: @Cursed271
- 🐙 GitHub: @Cursed271
- 🔗 LinkedIn: Steven Pereira
- 📧 Email: cursed.pereira@proton.me
- 🐞 File an Issue: GitHub Issues
- 💡 Request a Feature: Feature Requests
Your feedback helps improve CipherStrike! Contributions and PRs are always welcome. 🚀
- Steven Pereira (aka Cursed) - Creator & Maintainer
CipherStrike is licensed under the MIT License. See the LICENSE file for details.