ctf-tools/README.md

# ctf-tools

This is a collection of setup scripts to create an install of various security research tools.
Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth.

Installers for the following tools are included:

| Category | Tool | Description |
|----------|------|-------------|
| binary | [afl](http://lcamtuf.coredump.cx/afl/) | State-of-the-art fuzzer. |
| binary | [barf](https://github.com/programa-stic/barf-project) | Binary Analysis and Reverse-engineering Framework. |
| binary | [bindead](https://bitbucket.org/mihaila/bindead/wiki/Home) | A static analysis tool for binaries. |
| binary | [checksec](https://github.com/slimm609/checksec.sh) | Check binary hardening settings. |
| binary | [codereason](https://github.com/trailofbits/codereason) | Semantic Binary Code Analysis Framework. |
| binary | [crosstool-ng](http://crosstool-ng.org/) | Cross-compilers and cross-architecture tools. |
| binary | [evilize](http://www.mathstat.dal.ca/~selinger/md5collision/) | Tool to create MD5 colliding binaries |
| binary | [gdb](http://www.gnu.org/software/gdb/) | Up-to-date gdb with python2 bindings. |
| binary | [peda](https://github.com/longld/peda) | Enhanced environment for gdb. |
| binary | [preeny](https://github.com/zardus/preeny) | A collection of helpful preloads (compiled for many architectures!). |
| binary | [villoc](https://github.com/wapiflapi/villoc) | Visualization of heap operations. |
| binary | [qemu](http://qemu.org) | Latest version of qemu! |
| binary | [pathgrind](https://github.com/codelion/pathgrind) | Path-based, symbolically-assisted fuzzer. |
| binary | [virtualsocket](https://github.com/antoniobianchi333/virtualsocket) | A nice library to interact with binaries. |
| binary | [pwntools](https://github.com/Gallopsled/pwntools) | Useful CTF utilities. |
| binary | [python-pin](https://github.com/blankwall/Python_Pin) | Python bindings for pin. |
| binary | [radare2](http://www.radare.org/) | Some crazy thing crowell likes. |
| binary | [shellnoob](https://github.com/reyammer/shellnoob) | Shellcode writing helper. |
| binary | [taintgrind](https://github.com/wmkhoo/taintgrind) | A valgrind taint analysis tool. |
| binary | [qira](http://qira.me) | Parallel, timeless debugger. |
| binary | [xrop](https://github.com/acama/xrop) | Gadget finder. |
| binary | [rp++](https://github.com/0vercl0k/rp) | Another gadget finder. |
| forensics | [binwalk](https://github.com/devttys0/binwalk.git) | Firmware (and arbitrary file) analysis tool. |
| forensics | [dislocker](http://www.hsc.fr/ressources/outils/dislocker/) | Tool for reading Bitlocker encrypted partitions. |
| forensics | [firmware-mod-kit](https://code.google.com/p/firmware-mod-kit/) | Tools for firmware packing/unpacking. |
| forensics | [testdisk](http://www.cgsecurity.org/wiki/TestDisk) | Testdisk and photorec for file recovery. |
| forensics | [pdf-parser](http://blog.didierstevens.com/programs/pdf-tools/) | Tool for digging in PDF files |
| forensics | [scrdec](https://gist.github.com/bcse/1834878) | A decoder for encoded Windows Scripts. |
| crypto | [cribdrag](https://github.com/SpiderLabs/cribdrag) | Interactive crib dragging tool (for crypto). |
| crypto | [foresight](https://github.com/ALSchwalm/foresee) | A tool for predicting the output of random number generators. To run, launch "foresee". |
| crypto | [hashpump](https://github.com/bwall/HashPump) | A tool for performing hash length extension attaacks. |
| crypto | [hashpump-partialhash](https://github.com/mheistermann/HashPump-partialhash) | Hashpump, supporting partially-unknown hashes. |
| crypto | [hash-identifier](https://code.google.com/p/hash-identifier/source/checkout) | Simple hash algorithm identifier. |
| crypto | [littleblackbox](https://github.com/devttys0/littleblackbox) | Database of private SSL/SSH keys for embedded devices. |
| crypto | [pemcrack](https://github.com/robertdavidgraham/pemcrack) | SSL PEM file cracker. |
| crypto | [reveng](http://reveng.sourceforge.net/) | CRC finder. |
| crypto | [sslsplit](https://github.com/droe/sslsplit) | SSL/TLS MITM. |
| crypto | [python-paddingoracle](https://github.com/mwielgoszewski/python-paddingoracle) | Padding oracle attack automation. |
| crypto | [xortool](https://github.com/hellman/xortool) | XOR analysis tool. |
| web | [burp](http://portswigger.net/burp) | Web proxy to do naughty web stuff. |
| web | [dirs3arch](https://github.com/maurosoria/dirs3arch) | Web path scanner. |
| web | [sqlmap](http://sqlmap.org/) | SQL injection automation engine. |
| web | [commix](https://github.com/stasinopoulos/commix) | Command injection and exploitation tool. |
| stego | [sound-visualizer](http://www.sonicvisualiser.org/) | Audio file visualization. |
| stego | [stegdetect](http://www.outguess.org/) | Steganography detection/breaking tool. |
| stego | [steganabara](http://www.caesum.com/handbook/stego.htm) | Antoher image steganography solver. |
| stego | [stegsolve](http://www.caesum.com/handbook/stego.htm) | Image steganography solver. |
| android | [APKTool](https://ibotpeaches.github.io/Apktool/) | Dissect, dis-assemble, and re-pack Android APKs |

There are also some installers for non-CTF stuff to break the monotony!

| Category | Tool | Description |
|----------|------|-------------|
| game | [Dwarf Fortress](http://www.bay12games.com/dwarves/) | Something to help you relax after a CTF! |

## Usage

To use, do:

```bash
# set up the path
/path/to/ctf-tools/bin/manage-tools setup
source ~/.bashrc

# list the available tools
manage-tools list

# install gdb, allowing it to try to sudo install dependencies
manage-tools -s install gdb

# install pwntools, but don't let it sudo install dependencies
manage-tools install pwntools

# uninstall gdb
manage-tools uninstall gdb

# uninstall all tools
manage-tools uninstall all
```

Where possible, the tools keep the installs very self-contained (i.e., in to tool/ directory), and most uninstalls are just calls to `git clean` (**NOTE**, this is **NOT** careful; everything under the tool directory, including whatever you were working on, is blown away during an uninstall).
To support python dependencies, however, make sure to create a virtualenv before installing and using tools (i.e., `mkvirtualenv ctf`).

## Adding Tools

To add a tool (say, named *toolname*), do the following:

1. Create a `toolname` directory.
2. Create an `install` script.
3. (optional) if special uninstall steps are reuired, create an `uninstall` script.

### Install Scripts

The install script will be run with `$PWD` being `toolname`. It should install the tool into this directory, in as contained a manner as possible.
Ideally, full uninstallation should be possible with a `git clean`.

The install script should create a `bin` directory and put its executables there.
These executables will be automatically linked into the main `bin` directory for the repo.
They could be launched from any directory, so don't make assumptions about the location of `$0`!

## License

The individual tools are all licensed under their own licenses.
As for ctf-tools itself, it is "starware".
If you find it useful, star it on github (https://github.com/zardus/ctf-tools).

Good luck!

# See Also

There's a curated list of CTF tools, but without installers, here: https://github.com/apsdehal/awesome-ctf.
typo 2015-05-07 20:29:51 +00:00			`# ctf-tools`
first commit! 2015-05-07 11:02:00 +00:00
			`This is a collection of setup scripts to create an install of various security research tools.`
added preeny! 2015-05-07 20:25:48 +00:00			`Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth.`

			`Installers for the following tools are included:`

			`\| Category \| Tool \| Description \|`
			`\|----------\|------\|-------------\|`
links! 2015-05-08 05:08:43 +00:00			`\| binary \| [afl](http://lcamtuf.coredump.cx/afl/) \| State-of-the-art fuzzer. \|`
added BARF 2015-05-14 05:29:52 +00:00			`\| binary \| [barf](https://github.com/programa-stic/barf-project) \| Binary Analysis and Reverse-engineering Framework. \|`
semi-working bindead 2015-05-14 19:49:06 +00:00			`\| binary \| [bindead](https://bitbucket.org/mihaila/bindead/wiki/Home) \| A static analysis tool for binaries. \|`
links! 2015-05-08 05:08:43 +00:00			`\| binary \| [checksec](https://github.com/slimm609/checksec.sh) \| Check binary hardening settings. \|`
codereason 2015-06-19 17:34:31 +00:00			`\| binary \| [codereason](https://github.com/trailofbits/codereason) \| Semantic Binary Code Analysis Framework. \|`
links! 2015-05-08 05:08:43 +00:00			`\| binary \| [crosstool-ng](http://crosstool-ng.org/) \| Cross-compilers and cross-architecture tools. \|`
Update README.md 2015-09-21 13:43:26 +00:00			`\| binary \| [evilize](http://www.mathstat.dal.ca/~selinger/md5collision/) \| Tool to create MD5 colliding binaries \|`
links! 2015-05-08 05:08:43 +00:00			`\| binary \| [gdb](http://www.gnu.org/software/gdb/) \| Up-to-date gdb with python2 bindings. \|`
			`\| binary \| [peda](https://github.com/longld/peda) \| Enhanced environment for gdb. \|`
			`\| binary \| [preeny](https://github.com/zardus/preeny) \| A collection of helpful preloads (compiled for many architectures!). \|`
villoc 2015-05-08 06:08:30 +00:00			`\| binary \| [villoc](https://github.com/wapiflapi/villoc) \| Visualization of heap operations. \|`
links! 2015-05-08 05:08:43 +00:00			`\| binary \| [qemu](http://qemu.org) \| Latest version of qemu! \|`
added pathgrind 2015-06-19 18:48:15 +00:00			`\| binary \| [pathgrind](https://github.com/codelion/pathgrind) \| Path-based, symbolically-assisted fuzzer. \|`
adding virtualsocket 2015-08-02 09:02:11 +00:00			`\| binary \| [virtualsocket](https://github.com/antoniobianchi333/virtualsocket) \| A nice library to interact with binaries. \|`
pwntools 2015-05-08 02:24:30 +00:00			`\| binary \| [pwntools](https://github.com/Gallopsled/pwntools) \| Useful CTF utilities. \|`
python bindings for pin 2015-05-08 08:50:50 +00:00			`\| binary \| [python-pin](https://github.com/blankwall/Python_Pin) \| Python bindings for pin. \|`
links! 2015-05-08 05:08:43 +00:00			`\| binary \| [radare2](http://www.radare.org/) \| Some crazy thing crowell likes. \|`
			`\| binary \| [shellnoob](https://github.com/reyammer/shellnoob) \| Shellcode writing helper. \|`
taintgrind 2015-05-08 08:38:42 +00:00			`\| binary \| [taintgrind](https://github.com/wmkhoo/taintgrind) \| A valgrind taint analysis tool. \|`
added qira 2015-05-07 23:55:04 +00:00			`\| binary \| [qira](http://qira.me) \| Parallel, timeless debugger. \|`
links! 2015-05-08 05:08:43 +00:00			`\| binary \| [xrop](https://github.com/acama/xrop) \| Gadget finder. \|`
Add rp++ as an installable tool 2015-05-12 00:15:36 +00:00			`\| binary \| [rp++](https://github.com/0vercl0k/rp) \| Another gadget finder. \|`
binwalk 2015-05-08 02:50:13 +00:00			`\| forensics \| [binwalk](https://github.com/devttys0/binwalk.git) \| Firmware (and arbitrary file) analysis tool. \|`
added the names to the readme 2015-05-10 07:24:34 +00:00			`\| forensics \| [dislocker](http://www.hsc.fr/ressources/outils/dislocker/) \| Tool for reading Bitlocker encrypted partitions. \|`
links! 2015-05-08 05:08:43 +00:00			`\| forensics \| [firmware-mod-kit](https://code.google.com/p/firmware-mod-kit/) \| Tools for firmware packing/unpacking. \|`
			`\| forensics \| [testdisk](http://www.cgsecurity.org/wiki/TestDisk) \| Testdisk and photorec for file recovery. \|`
Add new tools to readme 2015-05-11 05:41:44 +00:00			`\| forensics \| [pdf-parser](http://blog.didierstevens.com/programs/pdf-tools/) \| Tool for digging in PDF files \|`
added scrdec for decoding windows script files 2015-09-05 08:10:38 +00:00			`\| forensics \| [scrdec](https://gist.github.com/bcse/1834878) \| A decoder for encoded Windows Scripts. \|`
links! 2015-05-08 05:08:43 +00:00			`\| crypto \| [cribdrag](https://github.com/SpiderLabs/cribdrag) \| Interactive crib dragging tool (for crypto). \|`
added foresee, used for crypto100 for whitehat gp 2015 2015-10-25 03:52:24 +00:00			`\| crypto \| [foresight](https://github.com/ALSchwalm/foresee) \| A tool for predicting the output of random number generators. To run, launch "foresee". \|`
links! 2015-05-08 05:08:43 +00:00			`\| crypto \| [hashpump](https://github.com/bwall/HashPump) \| A tool for performing hash length extension attaacks. \|`
hashpump with partial hashes 2015-05-08 05:14:51 +00:00			`\| crypto \| [hashpump-partialhash](https://github.com/mheistermann/HashPump-partialhash) \| Hashpump, supporting partially-unknown hashes. \|`
hash identifier 2015-05-07 20:54:42 +00:00			`\| crypto \| [hash-identifier](https://code.google.com/p/hash-identifier/source/checkout) \| Simple hash algorithm identifier. \|`
hashpump with partial hashes 2015-05-08 05:14:51 +00:00			`\| crypto \| [littleblackbox](https://github.com/devttys0/littleblackbox) \| Database of private SSL/SSH keys for embedded devices. \|`
pemcrack 2015-05-08 03:25:38 +00:00			`\| crypto \| [pemcrack](https://github.com/robertdavidgraham/pemcrack) \| SSL PEM file cracker. \|`
reveng 2015-05-08 03:37:57 +00:00			`\| crypto \| [reveng](http://reveng.sourceforge.net/) \| CRC finder. \|`
sslsplit 2015-05-08 03:28:48 +00:00			`\| crypto \| [sslsplit](https://github.com/droe/sslsplit) \| SSL/TLS MITM. \|`
oops 2015-05-11 04:08:17 +00:00			`\| crypto \| [python-paddingoracle](https://github.com/mwielgoszewski/python-paddingoracle) \| Padding oracle attack automation. \|`
links! 2015-05-08 05:08:43 +00:00			`\| crypto \| [xortool](https://github.com/hellman/xortool) \| XOR analysis tool. \|`
burp 2015-05-14 21:37:56 +00:00			`\| web \| [burp](http://portswigger.net/burp) \| Web proxy to do naughty web stuff. \|`
links! 2015-05-08 05:08:43 +00:00			`\| web \| [dirs3arch](https://github.com/maurosoria/dirs3arch) \| Web path scanner. \|`
			`\| web \| [sqlmap](http://sqlmap.org/) \| SQL injection automation engine. \|`
Update README.md 2015-08-28 10:01:33 +00:00			`\| web \| [commix](https://github.com/stasinopoulos/commix) \| Command injection and exploitation tool. \|`
music file visualizer 2015-05-11 04:44:07 +00:00			`\| stego \| [sound-visualizer](http://www.sonicvisualiser.org/) \| Audio file visualization. \|`
added stegdetect 2015-05-14 04:36:14 +00:00			`\| stego \| [stegdetect](http://www.outguess.org/) \| Steganography detection/breaking tool. \|`
steganabara 2015-05-11 04:07:46 +00:00			`\| stego \| [steganabara](http://www.caesum.com/handbook/stego.htm) \| Antoher image steganography solver. \|`
music file visualizer 2015-05-11 04:44:07 +00:00			`\| stego \| [stegsolve](http://www.caesum.com/handbook/stego.htm) \| Image steganography solver. \|`
Add new tools to readme 2015-05-11 05:41:44 +00:00			`\| android \| [APKTool](https://ibotpeaches.github.io/Apktool/) \| Dissect, dis-assemble, and re-pack Android APKs \|`
added action doc to manage-tools 2015-05-11 10:02:14 +00:00
very important tool 2015-05-14 19:59:11 +00:00			`There are also some installers for non-CTF stuff to break the monotony!`

			`\| Category \| Tool \| Description \|`
			`\|----------\|------\|-------------\|`
			`\| game \| [Dwarf Fortress](http://www.bay12games.com/dwarves/) \| Something to help you relax after a CTF! \|`

added action doc to manage-tools 2015-05-11 10:02:14 +00:00			`## Usage`

			`To use, do:`

			```bash
			`# set up the path`
fixed manage-tools location 2015-05-14 19:50:51 +00:00			`/path/to/ctf-tools/bin/manage-tools setup`
added action doc to manage-tools 2015-05-11 10:02:14 +00:00			`source ~/.bashrc`

			`# list the available tools`
			`manage-tools list`

			`# install gdb, allowing it to try to sudo install dependencies`
			`manage-tools -s install gdb`

			`# install pwntools, but don't let it sudo install dependencies`
			`manage-tools install pwntools`

			`# uninstall gdb`
			`manage-tools uninstall gdb`

			`# uninstall all tools`
			`manage-tools uninstall all`
			```

			Where possible, the tools keep the installs very self-contained (i.e., in to tool/ directory), and most uninstalls are just calls to `git clean` (NOTE, this is NOT careful; everything under the tool directory, including whatever you were working on, is blown away during an uninstall).
			To support python dependencies, however, make sure to create a virtualenv before installing and using tools (i.e., `mkvirtualenv ctf`).

docs for adding tools 2015-05-08 01:01:30 +00:00			`## Adding Tools`

			`To add a tool (say, named toolname), do the following:`

			1. Create a `toolname` directory.
			2. Create an `install` script.
			3. (optional) if special uninstall steps are reuired, create an `uninstall` script.

			`### Install Scripts`

			The install script will be run with `$PWD` being `toolname`. It should install the tool into this directory, in as contained a manner as possible.
			Ideally, full uninstallation should be possible with a `git clean`.

			The install script should create a `bin` directory and put its executables there.
			These executables will be automatically linked into the main `bin` directory for the repo.
			They could be launched from any directory, so don't make assumptions about the location of `$0`!
Added awesome-ctf link! 2015-07-18 01:31:54 +00:00
starware! 2015-10-14 00:04:53 +00:00			`## License`

			`The individual tools are all licensed under their own licenses.`
			`As for ctf-tools itself, it is "starware".`
			`If you find it useful, star it on github (https://github.com/zardus/ctf-tools).`

			`Good luck!`

Added awesome-ctf link! 2015-07-18 01:31:54 +00:00			`# See Also`

			`There's a curated list of CTF tools, but without installers, here: https://github.com/apsdehal/awesome-ctf.`