Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-CTF
https://github.com/cyberheartmi9/awesome-CTF
- Dnscat - Hosts communication through DNS
- Registry Dumper - Dump your registry
- Aircrack-Ng - Crack 802.11 WEP and WPA-PSK keys
- Audacity - Analyze sound files (mp3, m4a, whatever)
- Bkhive and Samdump2 - Dump SYSTEM and SAM files
- CFF Explorer - PE Editor
- Creddump - Dump windows credentials
- DVCS Ripper - Rips web accessible (distributed) version control systems
- Exif Tool - Read, write and edit file metadata
- Extundelete - Used for recovering lost data from mountable images
- Fibratus - Tool for exploration and tracing of the Windows kernel
- Foremost - Extract particular kind of files using headers
- Fsck.ext4 - Used to fix corrupt filesystems
- Malzilla - Malware hunting tool
- NetworkMiner - Network Forensic Analysis Tool
- PDF Streams Inflater - Find and extract zlib files compressed in PDF files
- ResourcesExtract - Extract various filetypes from exes
- Shellbags - Investigate NT\_USER.dat files
- UsbForensics - Contains many tools for usb forensics
- Volatility - To investigate memory dumps
- RegistryViewer - Used to view windows registries
- Windows Registry Viewers - More registry viewers
- CTFd - Platform to host jeopardy style CTFs from ISISLab, NYU Tandon
- FBCTF - Platform to host Capture the Flag competitions from Facebook
- HackTheArch - CTF scoring platform
- Mellivora - A CTF engine written in PHP
- NightShade - A simple security CTF framework
- OpenCTF - CTF in a box. Minimal setup required
- PicoCTF Platform 2 - A genericized version of picoCTF 2014 that can be easily adapted to host CTF or programming competitions.
- PyChallFactory - Small framework to create/manage/package jeopardy CTF challenges
- RootTheBox - A Game of Hackers (CTF Scoreboard & Game Manager
- Scorebot - Platform for CTFs by Legitbs (Defcon)
- SecGen - Security Scenario Generator. Creates randomly vulnerable virtual machines
- Convert - Convert images b/w formats and apply filters
- Exif - Shows EXIF information in JPEG files
- Exiftool - Read and write meta information in files
- Exiv2 - Image metadata manipulation tool
- ImageMagick - Tool for manipulating images
- Outguess - Universal steganographic tool
- Pngtools - For various analysis related to PNGs
- SmartDeblur - Used to deblur and fix defocused images
- Steganabara - Tool for stegano analysis written in Java
- Stegbreak - Launches brute-force dictionary attacks on JPG image
- Steghide - Hide data in various kind of images
- Stegsolve - Apply various steganography techniques to images
- Metasploit JavaScript Obfustcator
- Uglify
- Commix - Automated All-in-One OS Command Injection and Exploitation Tool.
- Hackbar - Firefox addon for easy web exploitation
- OWASP ZAP - Intercepting proxy to replay, debug, and fuzz HTTP requests and responses
- Postman - Add on for chrome for debugging network requests
- SQLMap - Automatic SQL injection and database takeover tooli
- W3af - Web Application Attack and Audit Framework.
- XSSer - Automated XSS testor
- Bettercap - Framework to perform MITM (Man in the Middle) attacks.
- Layer 2 attacks - Attack various protocols on layer 2
- FeatherDuster - An automated, modular cryptanalysis tool
- Hash Extender - A utility tool for performing hash length extension attacks
- PkCrack - A tool for Breaking PkZip-encryption
- RSATool - Generate private key with knowledge of p and q
- XORTool - A tool to analyze multi-byte xor cipher
- Hashcat - Password Cracker
- John The Jumbo - Community enhanced version of John the Ripper
- John The Ripper - Password Cracker
- Nozzlr - Nozzlr is a bruteforce framework, trully modular and script-friendly.
- Ophcrack - Windows password cracker based on rainbow tables.
- Patator - Patator is a multi-purpose brute-forcer, with a modular design.
- DLLInjector - Inject dlls in processes
- libformatstr - Simplify format string exploitation.
- Metasploit - Penetration testing software
- one_gadget - A tool to find the one gadget `execve('/bin/sh', NULL, NULL)` call
- Pwntools - CTF Framework for writing exploits
- Qira - QEMU Interactive Runtime Analyser
- ROP Gadget - Framework for ROP exploitation
- V0lt - Security CTF Toolkit
- Masscan - Mass IP port scanner, TCP port scanner
- Nipe - Nipe is a script to make Tor Network your default gateway.
- Nmap - open source utility for network discovery and security auditing
- Wireshark - Analyze the network dumps
- Zmap - an open-source network scanner
- Androguard - Reverse engineer Android applications
- Angr - platform-agnostic binary analysis framework
- Apk2Gold - Yet another Android decompiler
- ApkTool - Android Decompiler
- Barf - Binary Analysis and Reverse engineering Framework
- Binary Ninja - Binary analysis framework
- BinUtils - Collection of binary tools
- BinWalk - Analyze, reverse engineer, and extract firmware images.
- Boomerang - Decompile x86 binaries to C
- ctf_import
- GDB - The GNU project debugger
- GEF - GDB plugin
- Hopper - Reverse engineering tool (disassembler) for OSX and Linux
- IDA Pro - Most used Reversing software
- Jadx - Decompile Android files
- Java Decompilers - An online decompiler for Java and Android APKs
- Krakatau - Java decompiler and disassembler
- PEDA - GDB plugin (only python2.7)
- Plasma - An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.
- Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
- radare2 - A portable reversing framework
- Uncompyle - Decompile Python 2.7 binaries (.pyc)
- WinDbg - Windows debugger distributed by Microsoft
- Xocopy - Program that can copy executables with execute, but no read permission
- Z3 - a theorem prover from Microsoft Research
- Detox - A Javascript malware analysis tool
- Revelo - Analyze obfuscated Javascript code
- RABCDAsm - Collection of utilities including an ActionScript 3 assembler/disassembler.
- Swftools - Collection of utilities to work with SWF files
- Xxxswf - A Python script for analyzing Flash files.
- CSWSH - Cross-Site WebSocket Hijacking Tester
- Request Bin - Lets you inspect http requests to a particular url
- BackBox - Based on Ubuntu
- BlackArch Linux - Based on Arch Linux
- Fedora Security Lab - Based on Fedora
- Kali Linux - Based on Debian
- Parrot Security OS - Based on Debian
- Pentoo - Based on Gentoo
- URIX OS - Based on openSUSE
- Wifislax - Based on Slackware
- REMnux - Based on Debian
- CTF Tools - Collection of setup scripts to install various security research tools.
- LazyKali - A 2016 refresh of LazyKali which simplifies install of tools and configuration.
- CTF Field Guide - Field Guide by Trails of Bits
- CTF Resources - Start Guide maintained by community
- Damn Vulnerable Web Application
- How to Get Started in CTF - Short guideline for CTF beginners by Endgame
- MIPT CTF - A small course for beginners in CTFs (in Russian)
- Backdoor - Security Platform by SDSLabs.
- Ctfs.me - CTF All the time
- Exploit Exercises - Variety of VMs to learn variety of computer security issues.
- Gracker - Binary challenges having a slow learning curve, and write-ups for each level.
- Hack The Box - Weekly CTFs for all types of security enthusiasts.
- Hack This Site - Training ground for hackers.
- IO - Wargame for binary challenges.
- Over The Wire - Wargame maintained by OvertheWire Community
- Pwnable.kr - Pwn Game
- Ringzer0Team - Ringzer0 Team Online CTF
- SmashTheStack - A variety of wargames maintained by the SmashTheStack Community.
- VulnHub - VM-based for practical in digital security, computer application & network administration.
- WebHacking - Hacking challenges for web.
- WeChall - Always online challenge site.
- WTHack OnlineCTF - CTF Practice platform for every level of cyber security enthusiasts.
- Juice Shop CTF - Scripts and tools for hosting a CTF on [OWASP Juice Shop](https://www.owasp.org/index.php/OWASP_Juice_Shop_Project) easily.
- CTF Time - General information on CTF occuring around the worlds
- Reddit Security CTF - Reddit CTF category
- Bamboofox - Chinese resources to learn CTF
- ISIS Lab - CTF Wiki by Isis lab
- OpenToAll - Open To All Knowledge Base
- Captf - Dumped CTF challenges and materials by psifertex
- CTF write-ups (community) - CTF challenges + write-ups archive maintained by the community
- CTFTime Scrapper - Scraps all writeup from ctf time and organize which to read first
- pwntools writeups - A collection of CTF write-ups all using pwntools
- Smoke Leet Everyday - CTF write-ups repo maintained by SmokeLeetEveryday team.
Keywords
python
10
security
7
ctf
7
reverse-engineering
5
pentesting
4
exploit
4
pwnable
3
exploitation
3
linux
3
pwntools
2
python3
2
rop
2
shellcode
2
security-ctf
2
android
2
dex
2
pwn
2
binary-ninja
2
debugging
2
malware-analysis
2
ida-pro
2
gef
2
gdb
2
cryptanalysis
2
cryptography
2
capture-the-flag
2
ctf-framework
2
detection
2
takeover
2
vulnerability-scanner
2
sql-injection
2
glibc
1
libc
1
one-gadget-rce
1
brute-force
1
shell
1
arm
1
binary-analysis
1
reil
1
x86
1
infosec
1
bruteforce
1
discord
1
exploit-development
1
xortool
1
xor-cipher
1
shellcoding
1
wargame
1
binary-exploitation
1
shellcode-development
1