Project Showcase: Strelok, Wish Granter & Ionosphere

Published on: April 24, 2025 | By: NLS

Just wanted to use this post to share three projects I’ve been working on (or have worked on) recently. They all revolve around automation, security, and AI to some extent.

Strelok: Reconnaissance Automation

• Repo: ZoneSentinel/Strelok on GitHub
• URL : Strelok

Strelok is a platform aimed at automating the reconnaissance phase for bug bounty hunting and penetration testing. The idea is to orchestrate standard CLI tools (Subfinder, Httpx, Nuclei, etc.) and add an AI analysis layer to interpret results and guide the next steps.

Key Features:

• Chained tool pipeline (subdomains, services, web, vulnerabilities).
• LLM integration for scan analysis.
• Modular architecture (potentially microservices).
• Web interface for interaction.

It’s still under active development, but the goal is to streamline and speed up the information gathering phase and include more offensive security tools.

Wish-Granter: AI-Assisted Analysis in Burp Suite

• Repo: ZoneSentinel/Wish-Granter on GitHub

Wish-Granter is an extension for Burp Suite Pro. It allows sending HTTP requests/responses to an AI API (configurable, like OpenAI/OpenRouter) directly from Burp to get a security analysis, identify potential vulnerabilities, or simply better understand a complex request.

Key Features:

• Direct integration into Burp’s right-click menu.
• Use predefined templates or custom prompts.
• Caches results to avoid redundant API calls.
• Requires Burp Pro, Jython, and a compatible API key.

Pretty handy for getting a quick “second opinion” on a request or exploring attack vectors suggested by the AI. The .jar version is WIP!

Ionosphere: CTI Dashboard for Data Breaches

• Repo: (Currently private, summary below)
• URL : Ionosphere

Ionosphere is a personal CTI (Cyber Threat Intelligence) dashboard project. The goal is to automatically monitor certain sources (discussion forums, etc.) mentioning data breaches, analyze the content of new posts (title, description, data samples) via an AI API, and present everything in a structured way.

Key Features:

• Modular Scraping: An external Python script monitors sources and generates standardized JSON.
• Django Backend: Manages data import (via manage.py command), database (SQLite), asynchronous tasks (Django Q) for AI analysis.
• AI Analysis: Uses the OpenRouter API to summarize/analyze scraped content.
• Interface: Simple dashboard (Django + Tailwind) displaying listings, analysis status (Pending, Completed, Failed), and results.

This project aims to centralize and pre-analyze information on new breaches for more effective monitoring. The scraping is decoupled, allowing new data sources to be added easily without touching the core Django application.

peace out