The increasing ubiquity of digital systems in daily life has significantly expanded the attack surface for cyber threats, demanding new tools and methodologies for effective defense. Traditional security practices are no longer sufficient in the face of evolving and sophisticated cyberattacks. Therefore, this paper introduces Red Team Knife (RTK), a tool designed to support cybersecurity education and practice by guiding users-both novices and experts-through structured penetration testing activities aligned with the Cyber Kill Chain model. RTK integrates widely-used red teaming tools (e.g., Nmap, Sqlmap, theHarvester) within a user-friendly graphical interface built on the MVC paradigm. It provides contextual guidance and execution support to enhance usability and streamline pentesting workflows. The tool was tested on vulnerable virtual machines (XVWA and OWASP BWA), demonstrating its ability to identify security flaws, assist users with targeted hints, and maintain a persistent knowledge base through result saving and restoration features. RTK represents a valuable contribution to cybersecurity training and operational efficiency. Providing a guided, modular, and extensible environment for penetration testing improves educational outcomes and real-world security assessments.
Red Team Knife to improve Cyber Security Education
Caivano D.;Gentile A.;Piccinno A.
2025-01-01
Abstract
The increasing ubiquity of digital systems in daily life has significantly expanded the attack surface for cyber threats, demanding new tools and methodologies for effective defense. Traditional security practices are no longer sufficient in the face of evolving and sophisticated cyberattacks. Therefore, this paper introduces Red Team Knife (RTK), a tool designed to support cybersecurity education and practice by guiding users-both novices and experts-through structured penetration testing activities aligned with the Cyber Kill Chain model. RTK integrates widely-used red teaming tools (e.g., Nmap, Sqlmap, theHarvester) within a user-friendly graphical interface built on the MVC paradigm. It provides contextual guidance and execution support to enhance usability and streamline pentesting workflows. The tool was tested on vulnerable virtual machines (XVWA and OWASP BWA), demonstrating its ability to identify security flaws, assist users with targeted hints, and maintain a persistent knowledge base through result saving and restoration features. RTK represents a valuable contribution to cybersecurity training and operational efficiency. Providing a guided, modular, and extensible environment for penetration testing improves educational outcomes and real-world security assessments.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
