No description
Find a file
2015-04-26 11:45:02 +05:30
README.md Fix malzilla location 2015-04-26 11:45:02 +05:30

CTF Tools

A curated list of awesome CTF frameworks, libraries, resources and softwares.

Contributing

Please take a quick gander at the contribution guidelines first.

If you know a tool that isn't present here, feel free to open a pull request.

Contents

Create

Tools used for creating CTF challenges

Forensics

Tools used for creating Forensics challenges

Web

Tools used for creating Web challenges

JavaScript Obfustcators

  • Metasploit JavaScript Obfustcator
  • Uglify

Solve

Tools used for solving CTF challenges

Attacks

Tools used for performing various kinds of attacks

Crypto

Tools used for solving Crypto challenges

  • XORTool
  • RSATool - Generate private key with knowledge of p and q

Bruteforcers

Tools used for various kind of bruteforcing (passwords etc.)

  • John The Ripper
  • John The Jumbo
  • Ophcrack

Exploits

Tools used for solving Exploits challenges

  • Metasploit - Most used penetration testing software
  • pwntools - CTF Framework for writing exploits

Forensics

Tools used for solving Forensics challenges

  • Volatility - To investigate memory dumps
  • Shellbags - Investigate NT_USER.dat files
  • Foremost - Extract particular kind of files using headers
    • apt-get install foremost
  • Wireshark - Analyze the network dumps
    • apt-get install wireshark
  • Audacity - Analyze sound files (mp3, m4a, whatever)
    • apt-get install audacity
  • extundelete - Used for recovering lost data from mountable images
  • fsck.ext4 - Used to fix corrupt filesystems
  • RegistryViewer - Used to view windows registries
  • bkhive and samdump2 - Dump SYSTEM and SAM files
  • creddump - Dump windows credentials
  • UsbForensics - Contains many tools for usb forensics
  • [ResourcesExtract] - Extract various filetypes from exes
  • CFF Explorer - PE Editor
  • Malzilla - Malware hunting tool
  • PDF Streams Inflater - Find and extract zlib files compressed in PDF files

Reversing

Tools used for solving Reversing challenges

  • Androguard - Reverse engineer Android applications
  • Apk2Gold - Yet another Android decompiler
  • ApkTool - Android Decompiler
  • IDA Pro - Ultimate solution to reversing needs
  • Krakatau - Java decompiler and disassembler
  • Revelo
  • Uncompyle - Decompile Python 2.7 binaries (.pyc)

JavaScript Deobfustcators

  • Detox
  • BinWalk - Analyze, reverse engineer, and extract firmware images.
  • Jadx - Decompile Android files
  • Boomerang - Decompile x86 binaries to C

Services

Various kind of useful services available around the internet

  • Request Bin - Lets you inspect http requests to a particular url
  • CSWSH - Cross-Site WebSocket Hijacking Tester

Stegano

Tools used for solving Steganography challenges

  • Stegsolve
  • Steganabara
  • Steghide
  • pngtools - For various analysis related to PNGs
    • apt-get install pngtools
  • SmartDeblur Used to deblur and fix defocused images

Web

Tools used for solving Web challenges

  • XSSer - Automated XSS testor
  • SQLMap - Automatic SQL injection and database takeover tooli

Resources

Where to discover about CTF

Websites

Various general websites about and on ctf

  • CTF Time - General information on CTF occuring around the worlds

Writeups Collections

Collections of CTF writeups

Tutorials

Tutorials to learn how to play CTFs