XENA

XENA is Software for Cyber-Security Automation, Adversary Simulations, and Red Team Operations.

Why XENA?

XENA strives to be fully integrated security penetration testing framework. It is equipped with a post-exploitation agent, C2 server, and a dark-themed elegant user interface.

Features

Agent features:

• Cross Platform
• Persistence (Windows)
• Real-Time Communication On Demand
• File Browser
• Encrypted Network Communication
• Execute Shell Commands
• Executing Automation Pipelines

Automation Pipelines:

• Port Scanning
• Execute Shell Commands
• Active and Passive Subdomain Discovery
• Top-Level Domain Enumeration
• SSH Bruteforce
• Web Dorking
• Web Crawling
• Web Path Bruteforce
• Reverse DNS Lookups
• 403 Bypass
• CORS Scanner
• Host Header Injection Scanner

and many more...

Can I Integrate With XENA?

Of course, you can! XENA's Command & Control (C2) server has a HTTP API with an available HTTP client library at your disposal Go To GitHub. The API can be used for a few use cases:

• Create custom Agents and connect them with XENA C2.  Here is an example on how to do it.
• Create a custom User Interface or Automate Tasks and manage XENA via its HTTP Client Library.

Planned Updates?

We will release regular updates. You will be able to download them for free if you already own a copy of XENA.

Pricing?

This is community version.

We extend our tool and its DLCs as a complimentary offering to law enforcement agencies meeting specific criteria. Law enforcement entities eligible for this tool free of charge are those not sanctioned by the European Union or the United States and with a demonstrable commitment to upholding human rights standards. This offering is reserved for agencies dedicated to justice and fairness, aiming to support their operational effectiveness while maintaining ethical standards. Contact us for more information.