The increased demand for cyber security professionals has also driven the development of new platforms and tools that help those professionals improve their offensive skills. One of these platforms is HackTheBox, an online cyber security training platform that provides a controlled and safe environment in which those professionals can explore virtual machines in a Capture the Flag (CTF) competition style. Most of the tools used in a CTF, or even in real-world penetration testing (pentest), were developed for specific purposes, so each tool usually has its own input and output formats. These differing formats make it hard for cyber security professionals and CTF competitors to develop an attack graph. To help cyber security professionals and CTF competitors discover, select and exploit an attack vector, this paper presents Shadow Blade, a tool that helps users interact with their attack vectors.