No description
Find a file
2016-06-01 15:01:43 +02:00
afl First step to support running on archlinux 2016-05-04 20:01:01 +02:00
android-sdk Using OpenJDK instead of Sun Java like the BurpSuite installer 2016-05-12 22:55:48 -04:00
angr Adding a few more required packages 2016-05-12 22:43:00 -04:00
apktool Update apktool install to 2.0.2 2015-10-29 00:14:00 +11:00
barf use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
beef Added beef installation 2016-05-04 20:01:47 +02:00
bin Added check for install-root failure 2016-06-01 15:01:43 +02:00
bindead use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
binjitsu Copied new pwntools/install-root to binjitsu, they probably have the same deps 2016-06-01 13:29:15 +02:00
binwalk use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
burpsuite rename burp to burpsuite to be more explicit (closes #37) 2015-10-28 12:00:40 -07:00
checksec use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
codereason use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
commix use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
cribdrag use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
cross2 remove tar verbosity 2016-02-04 14:33:05 -08:00
crosstool First step to support running on archlinux 2016-05-04 20:01:01 +02:00
df Update install to 42.02 2015-12-08 19:05:16 +11:00
dirb Add dirb http://dirb.sourceforge.net/ 2016-04-04 16:14:48 -07:00
dirsearch apparently dirs3arch was renamed to dirsearch 2016-06-01 13:51:19 +02:00
dislocker reduce tar verbosity 2015-12-09 14:28:28 -08:00
elfkickers use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
elfparser added elfparser 2015-12-17 16:21:18 -07:00
evilize Made scripts executable 2015-09-23 03:41:17 +10:00
exetractor use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
firmware-mod-kit Updating FMK source url 2016-05-12 22:01:02 -04:00
foresight added -y switches to uninstall 2016-05-04 20:01:02 +02:00
gdb gdb 7.11 is released. 2016-02-24 20:13:07 -05:00
gef Added GEF (GDB Enhanced Features) for debugging non x86 binaries 2016-05-04 20:01:47 +02:00
hash-identifier Merge branch 'master' of https://github.com/zardus/ctf-tools into archlinux 2016-06-01 12:51:21 +02:00
hashkill added hashkill 2016-04-04 17:31:30 -07:00
hashpump added missing uninstall scripts for tools installed via pip 2016-06-01 13:29:53 +02:00
hashpump-partialhash add crypto libs for hashpump-partialhash 2016-02-04 00:28:30 -08:00
honggfuzz added honggfuzz 2016-04-04 17:31:30 -07:00
littleblackbox use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
mitmproxy added -y switches to uninstall 2016-05-04 20:01:02 +02:00
msieve Use HTTPS if supported 2015-12-19 13:22:23 -08:00
panda added panda 2015-12-18 16:35:52 -08:00
pathgrind Fixing filename for pathgrind 2016-03-08 18:36:40 -05:00
pdf-parser Update install to 0.6.4, added https 2015-10-29 00:14:12 +11:00
peda added "" to "$@" 2016-05-04 20:01:47 +02:00
peepdf added peepdf 2016-04-04 17:31:30 -07:00
pemcrack use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
pkcrack reduce tar verbosity 2015-12-09 14:28:28 -08:00
preeny use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
pwndbg added "" to "$@" 2016-05-04 20:01:47 +02:00
pwntools Merge branch 'master' of https://github.com/zardus/ctf-tools into archlinux 2016-06-01 12:51:21 +02:00
python-paddingoracle added missing uninstall scripts for tools installed via pip 2016-06-01 13:29:53 +02:00
python-pin use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
qemu Merge branch 'master' of https://github.com/zardus/ctf-tools into archlinux 2016-06-01 12:51:21 +02:00
qira thank goodness for ci 2016-02-03 23:42:17 -08:00
radare2 use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
reveng Updating reveng to 1.4.0 2016-05-13 10:46:11 -04:00
ropper add ropper rop gadget finder 2016-04-04 17:31:29 -07:00
rp++ Add rp++ as an installable tool 2015-05-11 17:15:36 -07:00
scrdec18 added scrdec for decoding windows script files 2015-09-05 01:10:38 -07:00
shellnoob use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
shellsploit fix shellsploit 2016-02-25 19:32:01 -08:00
snowman use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
sonic-visualizer Update install to 2.5 2015-10-28 12:12:19 -07:00
sqlmap use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
ssh_decoder use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
sslsplit use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
steganabara reduce tar verbosity 2015-12-09 14:28:28 -08:00
stegdetect use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
stegsolve added stegsolve 2015-05-10 00:18:56 -07:00
subbrute use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
taintgrind use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
testdisk Use HTTPS if supported 2015-12-19 13:22:23 -08:00
villoc use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
virtualsocket use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
xortool added -y switches to uninstall 2016-05-04 20:01:02 +02:00
xrop use shallow clones to speed things up and reduce disk space usage 2015-12-09 14:42:41 -08:00
yafu Use HTTPS if supported 2015-12-19 13:22:23 -08:00
.dockerignore dockerfile 2015-11-03 18:27:49 -08:00
.gitignore uninstall scripts should also be allowed in gitignore 2016-05-04 20:01:01 +02:00
.travis.yml workaround for https://github.com/travis-ci/travis-ci/issues/5221 2016-03-10 17:50:04 -08:00
Dockerfile dockerfile 2015-11-03 18:27:49 -08:00
README.md Merge pull request #60 from cspensky/patch-1 2016-04-05 11:44:15 -07:00
TODO Update TODO 2015-10-29 16:24:49 +11:00
Vagrantfile Add Vagrantfile 2015-12-18 00:04:37 -08:00

ctf-tools

Build Status IRC

This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth.

Installers for the following tools are included:

Category Tool Description
binary afl State-of-the-art fuzzer.
binary angr Next-generation binary analysis engine from Shellphish.
binary barf Binary Analysis and Reverse-engineering Framework.
binary bindead A static analysis tool for binaries.
binary checksec Check binary hardening settings.
binary codereason Semantic Binary Code Analysis Framework.
binary crosstool-ng Cross-compilers and cross-architecture tools.
binary cross2 A set of cross-compilation tools from a Japanese book on C.
binary elfkickers A set of utilities for working with ELF files.
binary elfparser Quickly determine the capabilities of an ELF binary through static analysis.
binary evilize Tool to create MD5 colliding binaries
binary gdb Up-to-date gdb with python2 bindings.
binary hongfuzz A general-purpose, easy-to-use fuzzer with interesting analysis options.
binary panda Platform for Architecture-Neutral Dynamic Analysis.
binary pathgrind Path-based, symbolically-assisted fuzzer.
binary peda Enhanced environment for gdb.
binary preeny A collection of helpful preloads (compiled for many architectures!).
binary pwntools Useful CTF utilities.
binary python-pin Python bindings for pin.
binary qemu Latest version of qemu!
binary qira Parallel, timeless debugger.
binary radare2 Some crazy thing crowell likes.
binary ropper Another gadget finder.
binary rp++ Another gadget finder.
binary shellnoob Shellcode writing helper.
binary shellsploit Shellcode development kit.
binary snowman Cross-architecture decompiler.
binary taintgrind A valgrind taint analysis tool.
binary villoc Visualization of heap operations.
binary virtualsocket A nice library to interact with binaries.
binary xrop Gadget finder.
forensics binwalk Firmware (and arbitrary file) analysis tool.
forensics dislocker Tool for reading Bitlocker encrypted partitions.
forensics exetractor Unpacker for packed Python executables. Supports PyInstaller and py2exe.
forensics firmware-mod-kit Tools for firmware packing/unpacking.
forensics pdf-parser Tool for digging in PDF files
forensics peepdf Powerful Python tool to analyze PDF documents.
forensics scrdec A decoder for encoded Windows Scripts.
forensics testdisk Testdisk and photorec for file recovery.
crypto cribdrag Interactive crib dragging tool (for crypto).
crypto foresight A tool for predicting the output of random number generators. To run, launch "foresee".
crypto hashkill Hash cracker.
crypto hashpump A tool for performing hash length extension attaacks.
crypto hashpump-partialhash Hashpump, supporting partially-unknown hashes.
crypto hash-identifier Simple hash algorithm identifier.
crypto littleblackbox Database of private SSL/SSH keys for embedded devices.
crypto msieve Msieve is a C library implementing a suite of algorithms to factor large integers.
crypto pemcrack SSL PEM file cracker.
crypto pkcrack PkZip encryption cracker.
crypto python-paddingoracle Padding oracle attack automation.
crypto reveng CRC finder.
crypto ssh_decoder A tool for decoding ssh traffic. You will need ruby1.8 from https://launchpad.net/~brightbox/+archive/ubuntu/ruby-ng to run this. Run with ssh_decoder --help for help, as running it with no arguments causes it to crash.
crypto sslsplit SSL/TLS MITM.
crypto xortool XOR analysis tool.
crypto yafu Automated integer factorization.
web burpsuite Web proxy to do naughty web stuff.
web commix Command injection and exploitation tool.
web dirb Web path scanner.
web dirs3arch Web path scanner.
web sqlmap SQL injection automation engine.
web subbrute A DNS meta-query spider that enumerates DNS records, and subdomains.
stego sound-visualizer Audio file visualization.
stego steganabara Another image steganography solver.
stego stegdetect Steganography detection/breaking tool.
stego stegsolve Image steganography solver.
android apktool Dissect, dis-assemble, and re-pack Android APKs
android android-sdk The android SDK (adb, emulator, etc).

There are also some installers for non-CTF stuff to break the monotony!

Category Tool Description
game Dwarf Fortress Something to help you relax after a CTF!

Usage

To use, do:

# set up the path
/path/to/ctf-tools/bin/manage-tools setup
source ~/.bashrc

# list the available tools
manage-tools list

# install gdb, allowing it to try to sudo install dependencies
manage-tools -s install gdb

# install pwntools, but don't let it sudo install dependencies
manage-tools install pwntools

# uninstall gdb
manage-tools uninstall gdb

# uninstall all tools
manage-tools uninstall all

# search for a tool
manage-tools search preload

Where possible, the tools keep the installs very self-contained (i.e., in to tool/ directory), and most uninstalls are just calls to git clean (NOTE, this is NOT careful; everything under the tool directory, including whatever you were working on, is blown away during an uninstall). To support python dependencies, however, make sure to create a virtualenv before installing and using tools (i.e., mkvirtualenv --system-site-packages ctf. The --system-site-packages is there for easier reuse of apt-gotten python packages where necessary).

Help!

Something not working? I didn't write (almost) any of these tools, but hit up #ctf-tools on freenode if you're desperate. Maybe some kind soul will help!

Docker (version 1.7+)

By popular demand, a Dockerfile has been included. You can build a docker image with:

git clone https://github.com/zardus/ctf-tools
docker build -t ctf-tools .

And run it with:

docker run -it ctf-tools

The built image will have ctf-tools cloned and ready to go, but you will still need to install the tools themselves (see above).

Vagrant

You can build a Vagrant VM with:

wget https://raw.githubusercontent.com/zardus/ctf-tools/master/Vagrantfile
vagrant up

And connect to it via:

vagrant ssh

Adding Tools

To add a tool (say, named toolname), do the following:

  1. Create a toolname directory.
  2. Create an install script.
  3. (optional) if special uninstall steps are required, create an uninstall script.

Install Scripts

The install script will be run with $PWD being toolname. It should install the tool into this directory, in as contained a manner as possible. Ideally, full uninstallation should be possible with a git clean.

The install script should create a bin directory and put its executables there. These executables will be automatically linked into the main bin directory for the repo. They could be launched from any directory, so don't make assumptions about the location of $0!

License

The individual tools are all licensed under their own licenses. As for ctf-tools itself, it is "starware". If you find it useful, star it on github (https://github.com/zardus/ctf-tools).

Good luck!

See Also

There's a curated list of CTF tools, but without installers, here: https://github.com/apsdehal/awesome-ctf.

There's a Vagrant config with a lot of the bigger frameworks here: https://github.com/thebarbershopper/epictreasure.

Tools in the official Debian/Ubuntu repos

These tools are present in the Debian or Ubuntu repos (in an adequately new version). They're not included in ctf-tools, but are included here as notes for the author.

Category Package Description Package
forensics foremost File carver. foremost
dsniff dsniff Grabs passwords and other data from pcaps/network streams. dsniff

Tools with unofficial Debian/Ubuntu repos or debs

Category Package Description Repo/deb
stego sound-visualizer Audio file visualization. deb