No description
Find a file
2015-10-28 11:52:27 -07:00
afl add bison as a build dep 2015-05-18 01:39:09 -07:00
apktool Update apktool install to 2.0.1 2015-09-21 23:50:48 +10:00
barf added BARF 2015-05-13 22:29:52 -07:00
bin add manage-tools search 2015-10-25 10:42:46 -04:00
bindead apparently needs jdk? 2015-05-14 18:13:03 -07:00
binwalk binwalk 2015-05-07 19:50:13 -07:00
burp java deps 2015-05-14 18:12:30 -07:00
checksec changed the install system 2015-05-07 11:54:16 -07:00
codereason Fix missing LIB_VEX error 2015-09-12 01:21:32 +10:00
commix Made scripts executable 2015-09-23 03:41:17 +10:00
cribdrag changed the install system 2015-05-07 11:54:16 -07:00
crosstool Update uninstall 2015-05-14 18:44:22 -07:00
df don't override df! 2015-05-18 00:32:06 -07:00
dirs3arch Fix git clone RSA key error on Kali 2015-09-12 01:16:39 +10:00
dislocker added dislocker 2015-05-10 00:19:14 -07:00
elfkickers add elfkickers 2015-05-15 16:18:27 -07:00
evilize Made scripts executable 2015-09-23 03:41:17 +10:00
exetractor exetractor for unpacking packed python executables 2015-10-24 21:02:28 -07:00
firmware-mod-kit Fixes #9 - add liblzma-dev to install-root 2015-05-13 17:21:36 -07:00
foresight let's use https 2015-10-24 20:54:06 -07:00
gdb gdb latest is 7.10 2015-10-27 16:31:57 -04:00
hash-identifier hash identifier 2015-05-07 13:54:42 -07:00
hashpump install the python bindings 2015-05-08 13:09:39 -07:00
hashpump-partialhash hashpump with partial hashes 2015-05-07 22:14:51 -07:00
littleblackbox littleblackbox 2015-05-07 20:06:53 -07:00
msieve Create install-root 2015-09-28 12:40:22 +00:00
pathgrind added pathgrind 2015-06-19 11:48:15 -07:00
pdf-parser Fix minor issues with APKTool and pdf-parser 2015-05-10 22:42:10 -07:00
peda Use envir instead of hardcoded, forgot cd 2015-09-21 20:52:40 +10:00
pemcrack pemcrack 2015-05-07 20:25:38 -07:00
preeny accidentally left some stuff commented out 2015-05-10 21:10:17 -07:00
pwntools root requirements 2015-05-07 20:07:00 -07:00
python-paddingoracle python-paddingoracle 2015-05-07 19:44:48 -07:00
python-pin python bindings for pin 2015-05-08 01:50:50 -07:00
qemu Updated qemu to 2.4.0.1 2015-10-29 00:36:31 +11:00
qira fix the freaking install so that it no longer loops over and over -- wtf, me?? 2015-05-18 01:38:56 -07:00
radare2 did I even test this? 2015-05-11 00:44:49 -07:00
reveng Update install to 1.3.1, fix download host 2015-09-11 22:05:40 +10:00
rp++ Add rp++ as an installable tool 2015-05-11 17:15:36 -07:00
scrdec18 added scrdec for decoding windows script files 2015-09-05 01:10:38 -07:00
shellnoob shellnoob 2015-05-07 12:01:40 -07:00
sonic-visualizer whoops 2015-09-24 13:31:21 -07:00
sqlmap root requirements 2015-05-07 20:07:00 -07:00
ssh_decoder added ssh_decoder, used for forensics 400 for whitehat gp 2015 2015-10-24 20:58:24 -07:00
sslsplit sslsplit 2015-05-07 20:28:48 -07:00
steganabara steganabara 2015-05-10 21:07:46 -07:00
stegdetect added stegdetect 2015-05-13 21:36:14 -07:00
stegsolve added stegsolve 2015-05-10 00:18:56 -07:00
subbrute added subbrute to brute-force DNS records 2015-10-27 16:00:09 -07:00
taintgrind taintgrind 2015-05-08 01:38:42 -07:00
testdisk testdisk 2015-05-07 14:14:46 -07:00
villoc villoc 2015-05-07 23:08:30 -07:00
virtualsocket Fix git clone in virtualsocket 2015-09-12 09:54:44 +10:00
xortool uninstall 2015-05-07 13:34:36 -07:00
xrop Make xrop installable once again!! 2015-06-09 13:57:49 -07:00
.gitignore gitignore 2015-05-07 12:11:08 -07:00
README.md added subbrute to brute-force DNS records 2015-10-27 16:00:09 -07:00
TODO reveng 2015-05-07 20:37:57 -07:00

ctf-tools

This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth.

Installers for the following tools are included:

Category Tool Description
binary afl State-of-the-art fuzzer.
binary barf Binary Analysis and Reverse-engineering Framework.
binary bindead A static analysis tool for binaries.
binary checksec Check binary hardening settings.
binary codereason Semantic Binary Code Analysis Framework.
binary crosstool-ng Cross-compilers and cross-architecture tools.
binary evilize Tool to create MD5 colliding binaries
binary gdb Up-to-date gdb with python2 bindings.
binary peda Enhanced environment for gdb.
binary preeny A collection of helpful preloads (compiled for many architectures!).
binary villoc Visualization of heap operations.
binary qemu Latest version of qemu!
binary pathgrind Path-based, symbolically-assisted fuzzer.
binary virtualsocket A nice library to interact with binaries.
binary pwntools Useful CTF utilities.
binary python-pin Python bindings for pin.
binary radare2 Some crazy thing crowell likes.
binary shellnoob Shellcode writing helper.
binary taintgrind A valgrind taint analysis tool.
binary qira Parallel, timeless debugger.
binary xrop Gadget finder.
binary rp++ Another gadget finder.
forensics binwalk Firmware (and arbitrary file) analysis tool.
forensics dislocker Tool for reading Bitlocker encrypted partitions.
forensics exetractor Unpacker for packed Python executables. Supports PyInstaller and py2exe.
forensics firmware-mod-kit Tools for firmware packing/unpacking.
forensics testdisk Testdisk and photorec for file recovery.
forensics pdf-parser Tool for digging in PDF files
forensics scrdec A decoder for encoded Windows Scripts.
crypto cribdrag Interactive crib dragging tool (for crypto).
crypto foresight A tool for predicting the output of random number generators. To run, launch "foresee".
crypto hashpump A tool for performing hash length extension attaacks.
crypto hashpump-partialhash Hashpump, supporting partially-unknown hashes.
crypto hash-identifier Simple hash algorithm identifier.
crypto littleblackbox Database of private SSL/SSH keys for embedded devices.
crypto pemcrack SSL PEM file cracker.
crypto reveng CRC finder.
crypto ssh_decoder A tool for decoding ssh traffic. You will need ruby1.8 from https://launchpad.net/~brightbox/+archive/ubuntu/ruby-ng to run this. Run with ssh_decoder --help for help, as running it with no arguments causes it to crash.
crypto sslsplit SSL/TLS MITM.
crypto python-paddingoracle Padding oracle attack automation.
crypto xortool XOR analysis tool.
web burp Web proxy to do naughty web stuff.
web commix Command injection and exploitation tool.
web dirs3arch Web path scanner.
web sqlmap SQL injection automation engine.
web subbrute A DNS meta-query spider that enumerates DNS records, and subdomains.
stego sound-visualizer Audio file visualization.
stego stegdetect Steganography detection/breaking tool.
stego steganabara Antoher image steganography solver.
stego stegsolve Image steganography solver.
android APKTool Dissect, dis-assemble, and re-pack Android APKs

There are also some installers for non-CTF stuff to break the monotony!

Category Tool Description
game Dwarf Fortress Something to help you relax after a CTF!

Usage

To use, do:

# set up the path
/path/to/ctf-tools/bin/manage-tools setup
source ~/.bashrc

# list the available tools
manage-tools list

# install gdb, allowing it to try to sudo install dependencies
manage-tools -s install gdb

# install pwntools, but don't let it sudo install dependencies
manage-tools install pwntools

# uninstall gdb
manage-tools uninstall gdb

# uninstall all tools
manage-tools uninstall all

# search for a tool
manage-tools search preload

Where possible, the tools keep the installs very self-contained (i.e., in to tool/ directory), and most uninstalls are just calls to git clean (NOTE, this is NOT careful; everything under the tool directory, including whatever you were working on, is blown away during an uninstall). To support python dependencies, however, make sure to create a virtualenv before installing and using tools (i.e., mkvirtualenv ctf).

Adding Tools

To add a tool (say, named toolname), do the following:

  1. Create a toolname directory.
  2. Create an install script.
  3. (optional) if special uninstall steps are reuired, create an uninstall script.

Install Scripts

The install script will be run with $PWD being toolname. It should install the tool into this directory, in as contained a manner as possible. Ideally, full uninstallation should be possible with a git clean.

The install script should create a bin directory and put its executables there. These executables will be automatically linked into the main bin directory for the repo. They could be launched from any directory, so don't make assumptions about the location of $0!

License

The individual tools are all licensed under their own licenses. As for ctf-tools itself, it is "starware". If you find it useful, star it on github (https://github.com/zardus/ctf-tools).

Good luck!

See Also

There's a curated list of CTF tools, but without installers, here: https://github.com/apsdehal/awesome-ctf.