README.md |
CTF Tools
A curated list of awesome CTF frameworks, libraries, resources and softwares.
Contributing
Please take a quick gander at the contribution guidelines first.
If you know a tool that isn't present here, feel free to open a pull request.
Contents
Create
Tools used for creating CTF challenges
Forensics
Tools used for creating Forensics challenges
- Registry Dumper - Dump your registry
Web
Tools used for creating Web challenges
JavaScript Obfustcators
- Metasploit JavaScript Obfustcator
- Uglify
Solve
Tools used for solving CTF challenges
Attacks
Tools used for performing various kinds of attacks
- Layer 2 attacks - Attack various protocols on layer 2
Crypto
Tools used for solving Crypto challenges
- XORTool
- RSATool - Generate private key with knowledge of p and q
Bruteforcers
Tools used for various kind of bruteforcing (passwords etc.)
- John The Ripper
- John The Jumbo
- Ophcrack
Exploits
Tools used for solving Exploits challenges
- Metasploit - Most used penetration testing software
- pwntools - CTF Framework for writing exploits
Forensics
Tools used for solving Forensics challenges
- Volatility - To investigate memory dumps
- Shellbags - Investigate NT_USER.dat files
- Foremost - Extract particular kind of files using headers
apt-get install foremost
- Wireshark - Analyze the network dumps
apt-get install wireshark
- Audacity - Analyze sound files (mp3, m4a, whatever)
apt-get install audacity
- extundelete - Used for recovering lost data from mountable images
- fsck.ext4 - Used to fix corrupt filesystems
- RegistryViewer - Used to view windows registries
- bkhive and samdump2 - Dump SYSTEM and SAM files
- creddump - Dump windows credentials
- UsbForensics - Contains many tools for usb forensics
- [ResourcesExtract] - Extract various filetypes from exes
- CFF Explorer - PE Editor
- Malzilla - Malware hunting tool
- PDF Streams Inflater - Find and extract zlib files compressed in PDF files
Reversing
Tools used for solving Reversing challenges
- Androguard - Reverse engineer Android applications
- Apk2Gold - Yet another Android decompiler
- ApkTool - Android Decompiler
- IDA Pro - Ultimate solution to reversing needs
- Krakatau - Java decompiler and disassembler
- Revelo
- Uncompyle - Decompile Python 2.7 binaries (.pyc)
JavaScript Deobfustcators
- Detox
- BinWalk - Analyze, reverse engineer, and extract firmware images.
- Jadx - Decompile Android files
- Boomerang - Decompile x86 binaries to C
Services
Various kind of useful services available around the internet
- Request Bin - Lets you inspect http requests to a particular url
- CSWSH - Cross-Site WebSocket Hijacking Tester
Stegano
Tools used for solving Steganography challenges
- Stegsolve
- Steganabara
- Steghide
- pngtools - For various analysis related to PNGs
apt-get install pngtools
- SmartDeblur Used to deblur and fix defocused images
Web
Tools used for solving Web challenges
Resources
Where to discover about CTF
Websites
Various general websites about and on ctf
- CTF Time - General information on CTF occuring around the worlds
Writeups Collections
Collections of CTF writeups
- CTF Writeups (Community) - CTF Writeups Repos maintained by community
- Shell Storm - CTF Writeups Repo maintained by Jonathan Salwan
Tutorials
Tutorials to learn how to play CTFs