snicat is a lightweight command-line utility developed by CTFd that extends the behavior of traditional netcat by adding native support for TLS and Server Name Indication (SNI).

It enables direct interaction with remote services hosted behind HTTPS endpoints (typically on port 443) by automatically:

• establishing a TLS connection
• sending the correct hostname via SNI during the handshake

This is particularly useful in CTF environments where multiple services are multiplexed behind a single IP address and routed based on hostname.

Unlike traditional tools like netcat, SNICat removes the need for manual TLS handling or additional wrappers when dealing with modern infrastructure that relies on SNI-based routing.

To properly send and receive data from a service normally used with snicat, you can use pwntools’ remote with little configuration. Here a lightweight example:

from pwn import remote

io = remote(HOST, 443, ssl=True, sni=HOST)