CipherSuite
Your entire pentest workflow in one workspace.
CipherSuite replaces the fragmented stack most security professionals tolerate (notes in Notion, evidence in Drive, reports in Word) with a single dark-themed workspace. Findings, evidence, notes, and AI-assisted reports live in one place, with project-level isolation and full audit logging.
Dashboard
RISK 78CRIT
1
HIGH
3
MED
5
LOW
3
FINDINGS BY DAY
RECENT ACTIVITY
Findings (12)
# Entry-point recap
Origin: ACME-Q4 / web tier
Status: open
## Findings
- F-001 SQLi on /api/login (CRIT)
- F-002 Missing CSRF on /admin (HIGH)
## Tooling
burp_pro, sqlmap, gowitness, ffuf
autosaved 1.5s ago
# Entry-point recap
Origin: ACME-Q4 / web tier
Status: open
Findings
- + F-001 SQLi on /api/login (CRIT)
- + F-002 Missing CSRF on /admin (HIGH)
Tool Import
Paste raw output. AI structures it into findings.
# nmap -sV -sC target.acme.com
Starting Nmap 7.94
22/tcp open ssh OpenSSH 7.2p2
80/tcp open http nginx 1.10.0
443/tcp open https nginx 1.10.0
3306/tcp open mysql MySQL 5.5.62
| ssl-cert: subject CN=acme.com
| ssl-enum: TLSv1.0 enabled
Service Info: OS Linux
Done in 47.21s
TLSv1.0 enabled (legacy ciphers)
MySQL 5.5.62 reaches EoL
OpenSSH 7.2p2 outdated
Service banners disclose versions
Reports
AI . CLAUDEExecutive Summary
Board-ready, risk language
4-6 pp
Technical Report
SELECTEDFull PoC + remediation
20-40 pp
Full Pentest
Methodology + scope + appendix
30-60 pp
Bug Bounty
Per-finding submission format
1-3 pp
# Generating: Technical Report
Reading 12 findings ........................ ok
Reading 38 evidence files .................. ok
Reading 5 notes ............................. ok
Synthesising executive summary ............. ok
Drafting per-finding sections .............. ok
Mapping CWE / CVSS / OWASP ................. ok
Rendering PDF .............................. ok
report.pdf ready . 32 pp . download
Under the hood.
Modern web stack with battle-tested AI and storage.
CipherSuite is built on Next.js 14 with the App Router, TypeScript end-to-end, and Tailwind plus shadcn/ui for the dark war-room aesthetic. Firebase handles Auth, Firestore real-time sync, and Storage for evidence files. Anthropic Claude powers the report and tool-output flows.
- +Next.js 14 (App Router, SSR) + TypeScript
- +Tailwind CSS + shadcn/ui (dark war-room theme)
- +Firebase: Auth, Firestore, Storage
- +Anthropic Claude API (reports + tool import)
- +Recharts for analytics, react-markdown for content
One workspace beats four silos.
Security work that lives across Notion, Drive, Word, and a screenshot folder loses information at every handoff. CipherSuite collapses the surface area: notes link to findings, findings link to evidence, AI reads the whole context when it writes the report. The boring parts of professional security work get faster.
- +Context preservation across notes, findings, and evidence
- +AI reasoning over the entire engagement
- +Project-level isolation with Firestore rules
- +Audit log on every change for trust and review
A two-week bug-bounty engagement, end to end.
You start a new engagement, drop in your scope, paste your nmap output, accept the AI-converted findings. Over the next ten days you add evidence directly from your terminal, write the technical detail in markdown notes, and pin the must-fix items. On day fourteen you click Generate Report, choose the Bug Bounty template, and download a polished PDF with all evidence inline. The client sees a deliverable that took an hour, not a weekend.
CipherSuite.
Open the site.
Free, live, and used by pentesters in production today. Open the workspace at ciphersuite.alcyonesecure.in and start a project in under 60 seconds.