{"id":13514690,"url":"https://github.com/SandySekharan/CTF-tool","last_synced_at":"2025-03-31T03:31:10.352Z","repository":{"id":46170444,"uuid":"55849720","full_name":"SandySekharan/CTF-tool","owner":"SandySekharan","description":"A curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares.","archived":false,"fork":false,"pushed_at":"2016-04-09T14:53:12.000Z","size":5,"stargazers_count":239,"open_issues_count":1,"forks_count":58,"subscribers_count":15,"default_branch":"master","last_synced_at":"2024-02-13T00:50:34.616Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SandySekharan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-04-09T14:48:26.000Z","updated_at":"2024-01-18T08:31:58.000Z","dependencies_parsed_at":"2022-09-05T06:30:53.039Z","dependency_job_id":null,"html_url":"https://github.com/SandySekharan/CTF-tool","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SandySekharan%2FCTF-tool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SandySekharan%2FCTF-tool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SandySekharan%2FCTF-tool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SandySekharan%2FCTF-tool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SandySekharan","download_url":"https://codeload.github.com/SandySekharan/CTF-tool/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246413377,"owners_count":20773053,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T05:01:00.406Z","updated_at":"2025-03-31T03:31:09.318Z","avatar_url":"https://github.com/SandySekharan.png","language":null,"funding_links":[],"categories":["Other useful repositories","Other Useful Repositories","Table of Contents","🛠️ Helpful Repositories","Uncategorized"],"sub_categories":["Other useful repositories","Uncategorized"],"readme":"# CTF-tool\nA curated list of Capture The Flag (CTF) frameworks, libraries, resources and softwares.\n\n\n# Awesome CTF [![Build Status](https://travis-ci.org/apsdehal/awesome-ctf.svg?branch=master)](https://travis-ci.org/apsdehal/awesome-ctf) [![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)\n\nA curated list of [Capture The Flag](https://en.wikipedia.org/wiki/Capture_the_flag#Computer_security) (CTF) frameworks, libraries, resources and softwares.\n\n### Contributing\n\nPlease take a quick look at the [contribution guidelines](https://github.com/apsdehal/ctf-tools/blob/master/CONTRIBUTING.md) first.\n\n#### _If you know a tool that isn't present here, feel free to open a pull request._\n\n### Why?\n\nIt takes time to build up collection of tools used in ctf and remember them all. This repo helps to keep all these scattered tools at one place.\n\n\n### Contents\n\n- [Awesome CTF](#awesome-ctf)\n  - [Create](#create)\n    - [Forensics](#forensics)\n    - [Web](#web)\n  - [Solve](#solve)\n    - [Attacks](#attacks)\n    - [Bruteforcers](#bruteforcers)\n    - [Cryptography](#crypto)\n    - [Exploits](#exploits)\n    - [Forensics](#forensics-1)\n    - [Reversing](#reversing)\n    - [Services](#services)\n    - [Steganography](#stegano)\n    - [Web](#web-1)\n\n- [Resources](#resources)\n  - [Starter Packs](#starter-packs)\n  - [Tutorials](#tutorials)\n  - [Wargames](#wargames)\n  - [Websites](#websites)\n  - [Wikis](#wikis)\n  - [Writeups Collections](#writeups-collections)\n\n# Create\n\n*Tools used for creating CTF challenges*\n\n## Forensics\n\n*Tools used for creating Forensics challenges*\n\n- [Registry Dumper](http://www.kahusecurity.com/tools/RegistryDumper_v0.1.zip) - Dump your registry\n\n## Web\n\n*Tools used for creating Web challenges*\n\n*JavaScript Obfustcators*\n\n- [Metasploit JavaScript Obfustcator](https://github.com/rapid7/metasploit-framework/wiki/How-to-obfuscate-JavaScript-in-Metasploit)\n- [Uglify](http://marijnhaverbeke.nl//uglifyjs)\n\n\n# Solve\n\n*Tools used for solving CTF challenges*\n\n## Attacks\n\n*Tools used for performing various kinds of attacks*\n\n- [Bettercap](https://github.com/evilsocket/bettercap) - Framework to perform MITM (Man in the Middle) attacks.\n- [Layer 2 attacks](https://github.com/tomac/yersinia) - Attack various protocols on layer 2\n\n## Crypto\n\n*Tools used for solving Crypto challenges*\n\n- [PkCrack](https://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html) - A tool for Breaking PkZip-encryption\n- [RSATool](https://github.com/ius/rsatool) - Generate private key with knowledge of p and q\n- [XORTool](https://github.com/hellman/xortool) - A tool to analyze multi-byte xor cipher\n\n## Bruteforcers\n\n*Tools used for various kind of bruteforcing (passwords etc.)*\n\n- [John The Jumbo](https://github.com/magnumripper/JohnTheRipper) - Community enhanced version of John the Ripper\n- [John The Ripper](http://www.openwall.com/john/) - Password Cracker\n- [Ophcrack](http://ophcrack.sourceforge.net/) - Windows password cracker based on rainbow tables.\n\n## Exploits\n\n*Tools used for solving Exploits challenges*\n\n- [binjitsu](https://github.com/binjitsu/binjitsu/) - CTF framework and exploit development library\n- [Metasploit](http://www.metasploit.com/) - Penetration testing software\n- [pwntools](https://github.com/Gallopsled/pwntools) - CTF Framework for writing exploits\n- [qira](https://github.com/BinaryAnalysisPlatform/qira) - QEMU Interactive Runtime Analyser\n- [ROP Gadget](https://github.com/JonathanSalwan/ROPgadget) - Framework for ROP exploitation\n\n## Forensics\n\n*Tools used for solving Forensics challenges*\n\n- [Aircrack-Ng](http://www.aircrack-ng.org/) - Crack 802.11 WEP and WPA-PSK keys\n  - `apt-get install aircrack-ng`\n- [Audacity](http://sourceforge.net/projects/audacity/) - Analyze sound files (mp3, m4a, whatever)\n  - `apt-get install audacity`\n- [bkhive and samdump2](http://sourceforge.net/projects/ophcrack/files/samdump2/) - Dump SYSTEM and SAM files\n  - `apt-get install samdump2 bkhive`\n- [CFF Explorer](http://www.ntcore.com/exsuite.php) - PE Editor\n- [creddump](https://github.com/moyix/creddump) - Dump windows credentials\n- [DVCS Ripper](https://github.com/kost/dvcs-ripper) - Rips web accessible (distributed) version control systems\n- [Exif Tool](http://www.sno.phy.queensu.ca/~phil/exiftool/) - Read, write and edit file metadata\n- [extundelete](http://extundelete.sourceforge.net/) - Used for recovering lost data from mountable images\n- [Foremost](http://foremost.sourceforge.net/) - Extract particular kind of files using headers\n  - `apt-get install foremost`\n- [fsck.ext4](http://linux.die.net/man/8/fsck.ext3) - Used to fix corrupt filesystems\n- [Malzilla](http://malzilla.sourceforge.net/) - Malware hunting tool\n- [NetworkMiner](http://www.netresec.com/?page=NetworkMiner) - Network Forensic Analysis Tool\n- [PDF Streams Inflater](http://malzilla.sourceforge.net/downloads.html) - Find and extract zlib files compressed in PDF files\n- [ResourcesExtract](http://www.nirsoft.net/utils/resources_extract.html) - Extract various filetypes from exes\n- [Shellbags](https://github.com/williballenthin/shellbags) - Investigate NT\\_USER.dat files\n- [UsbForensics](http://www.forensicswiki.org/wiki/USB_History_Viewing) - Contains many tools for usb forensics\n- [Volatility](https://github.com/volatilityfoundation/volatility) - To investigate memory dumps\n- [Wireshark](https://www.wireshark.org/) - Analyze the network dumps\n  - `apt-get install wireshark`\n\n*Registry Viewers*\n- [RegistryViewer](http://www.gaijin.at/en/getitpage.php?id=regview) - Used to view windows registries\n- [Windows Registry Viewers](http://www.forensicswiki.org/wiki/Windows_Registry) - More registry viewers\n\n## Reversing\n\n*Tools used for solving Reversing challenges*\n\n- [Androguard](https://github.com/androguard/androguard) - Reverse engineer Android applications\n- [Apk2Gold](https://github.com/lxdvs/apk2gold) - Yet another Android decompiler\n- [ApkTool](http://ibotpeaches.github.io/Apktool/) - Android Decompiler\n- [BinUtils](http://www.gnu.org/software/binutils/binutils.html) - Collection of binary tools\n- [BinWalk](https://github.com/devttys0/binwalk) - Analyze, reverse engineer, and extract firmware images.\n- [Boomerang](https://github.com/nemerle/boomerang) - Decompile x86 binaries to C\n- [GDB](https://www.gnu.org/software/gdb/) - The GNU project debugger\n- [IDA Pro](https://www.hex-rays.com/products/ida/) - Most used Reversing software\n- [Jadx](https://github.com/skylot/jadx) - Decompile Android files\n- [Krakatau](https://github.com/Storyyeller/Krakatau) - Java decompiler and disassembler\n- [radare2](https://github.com/radare/radare2) - A portable reversing framework\n- [Uncompyle](https://github.com/gstarnberger/uncompyle) - Decompile Python 2.7 binaries (.pyc)\n- [WinDbg](http://www.windbg.org/) - Windows debugger distributed by Microsoft\n- [z3](https://github.com/Z3Prover/z3) - a theorem prover from Microsoft Research\n\n*JavaScript Deobfustcators*\n\n- [Detox](http://relentless-coding.org/projects/jsdetox/install) - A Javascript malware analysis tool\n- [Revelo](http://www.kahusecurity.com/tools/Revelo_v0.6.zip) - Analyze obfuscated Javascript code\n\n*SWF Analyzers*\n- [RABCDAsm](https://github.com/CyberShadow/RABCDAsm) - Collection of utilities including an ActionScript 3 assembler/disassembler.\n- [swftools](http://www.swftools.org/) - Collection of utilities to work with SWF files\n- [xxxswf](https://bitbucket.org/Alexander_Hanel/xxxswf) -  A Python script for analyzing Flash files.\n\n## Services\n\n*Various kind of useful services available around the internet*\n\n- [CSWSH](http://ironwasp.org/cswsh.html) - Cross-Site WebSocket Hijacking Tester\n- [Request Bin](http://requestb.in/) - Lets you inspect http requests to a particular url\n\n## Stegano\n\n*Tools used for solving Steganography challenges*\n\n- [pngtools](http://www.stillhq.com/pngtools/) - For various analysis related to PNGs\n  - `apt-get install pngtools`\n- [SmartDeblur](https://github.com/Y-Vladimir/SmartDeblur) - Used to deblur and fix defocused images\n- [Steganabara](https://www.openhub.net/p/steganabara) -  Tool for stegano analysis written in Java\n- [Steghide](http://steghide.sourceforge.net/) - Hide data in various kind of images\n- [Stegsolve](http://www.caesum.com/handbook/Stegsolve.jar) - Apply various steganography techniques to images\n\n## Web\n\n*Tools used for solving Web challenges*\n\n- [SQLMap](https://github.com/sqlmapproject/sqlmap) - Automatic SQL injection and database takeover tooli\n- [w3af](https://github.com/andresriancho/w3af) -  Web Application Attack and Audit Framework.\n- [XSSer](http://xsser.sourceforge.net/) - Automated XSS testor\n\n\n# Resources\n\n*Where to discover about CTF*\n\n## Starter Packs\n\n*Collections of installer scripts, useful tools*\n\n- [CTF Tools](https://github.com/zardus/ctf-tools) - Collection of setup scripts to install various security research tools.\n\n## Tutorials\n\n*Tutorials to learn how to play CTFs*\n\n- [CTF Field Guide](https://trailofbits.github.io/ctf/) - Field Guide by Trails of Bits\n- [CTF Resources](http://ctfs.github.io/resources/) -  Start Guide maintained by community\n- [How to Get Started in CTF](https://www.endgame.com/blog/how-get-started-ctf) - Short guideline for CTF beginners by Endgame\n- [MIPT CTF](https://github.com/xairy/mipt-ctf) - A small course for beginners in CTFs (in Russian)\n\n## Wargames\n\n*Always online CTFs*\n\n- [Backdoor](https://backdoor.sdslabs.co/) - Security Platform by SDSLabs.\n- [Ctfs.me](http://ctfs.me) - CTF All the time\n- [Exploit Exercises](https://exploit-exercises.com/) - Variety of VMs to learn variety of computer security issues.\n- [Hack This Site](https://www.hackthissite.org/) - Training ground for hackers.\n- [Over The Wire](http://overthewire.org/wargames/) - Wargame maintained by OvertheWire Community\n- [Ringzer0Team](https://ringzer0team.com/) - Ringzer0 Team Online CTF\n- [SmashTheStack](http://smashthestack.org/) - A variety of wargames maintained by the SmashTheStack Community.\n- [VulnHub](https://www.vulnhub.com/) - VM-based for practical in digital security, computer application \u0026 network administration.\n- [WeChall](https://www.wechall.net/) - Always online challenge site.\n\n## Websites\n\n*Various general websites about and on ctf*\n\n- [CTF Time](https://ctftime.org/) - General information on CTF occuring around the worlds\n- [Reddit Security CTF](http://www.reddit.com/r/securityctf) - Reddit CTF category\n\n## Wikis\n\n*Various Wikis available for learning about CTFs*\n\n- [Bamboofox](https://bamboofox.torchpad.com/) - Chinese resources to learn CTF\n- [ISIS Lab](https://github.com/isislab/Project-Ideas/wiki) - CTF Wiki by Isis lab\n\n## Writeups Collections\n\n*Collections of CTF write-ups*\n\n- [Captf](http://captf.com/) - Dumped CTF challenges and materials by psifertex\n- [CTF write-ups (community)](https://github.com/ctfs/) - CTF challenges + write-ups archive maintained by the community\n- [pwntools writeups](https://github.com/Gallopsled/pwntools-write-ups) - A collection of CTF write-ups all using pwntools\n- [Shell Storm](shell-storm.org/repo/CTF/) - CTF challenge archive maintained by Jonathan Salwan\n- [Smoke Leet Everyday](https://github.com/smokeleeteveryday/CTF_WRITEUPS) - CTF write-ups repo maintained by SmokeLeetEveryday team.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSandySekharan%2FCTF-tool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSandySekharan%2FCTF-tool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSandySekharan%2FCTF-tool/lists"}