Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

awesome-ctf

A curated list of CTF frameworks, libraries, resources and softwares
https://github.com/apsdehal/awesome-ctf

Last synced: 11 days ago
JSON representation

  • Attacks

    • Bettercap - Framework to perform MITM (Man in the Middle) attacks.
    • Yersinia - Attack various protocols on layer 2.

  • Bruteforcers

    • Hashcat - Password Cracker
    • Hydra - A parallelized login cracker which supports numerous protocols to attack
    • Ophcrack - Windows password cracker based on rainbow tables.
    • Turbo Intruder - Burp Suite extension for sending large numbers of HTTP requests
    • Nozzlr - Nozzlr is a bruteforce framework, trully modular and script-friendly.
    • Patator - Patator is a multi-purpose brute-forcer, with a modular design.
    • Ophcrack - Windows password cracker based on rainbow tables.

  • Crypto

    • PkCrack - A tool for Breaking PkZip-encryption.
    • QuipQuip - An online tool for breaking substitution ciphers or vigenere ciphers (without key).
    • FeatherDuster - An automated, modular cryptanalysis tool.
    • Hash Extender - A utility tool for performing hash length extension attacks.
    • padding-oracle-attacker - A CLI tool to execute padding oracle attacks.
    • RSACTFTool - A tool for recovering RSA private key with various attack.
    • RSATool - Generate private key with knowledge of p and q.
    • XORTool - A tool to analyze multi-byte xor cipher.
    • QuipQuip - An online tool for breaking substitution ciphers or vigenere ciphers (without key).

  • Exploits

  • Forensics

  • Networking

    • Nmap - An open source utility for network discovery and security auditing.
    • Wireshark - Analyze the network dumps.
    • Zmap - An open-source network scanner.
    • Monit - A linux tool to check a host on the network (and other non-network activities).
    • Masscan - Mass IP port scanner, TCP port scanner.
    • Nipe - Nipe is a script to make Tor Network your default gateway.

  • Operating Systems

  • Platforms

    • echoCTF.RED - Develop, deploy and maintain your own CTF infrastructure.
    • FBCTF - Platform to host Capture the Flag competitions from Facebook.
    • Haaukins - A Highly Accessible and Automated Virtualization Platform for Security Education.
    • HackTheArch - CTF scoring platform.
    • Mellivora - A CTF engine written in PHP.
    • MotherFucking-CTF - Badass lightweight plaform to host CTFs. No JS involved.
    • PicoCTF - The platform used to run picoCTF. A great framework to host any CTF.
    • PyChallFactory - Small framework to create/manage/package jeopardy CTF challenges.
    • RootTheBox - A Game of Hackers (CTF Scoreboard & Game Manager).
    • Scorebot - Platform for CTFs by Legitbs (Defcon).
    • SecGen - Security Scenario Generator. Creates randomly vulnerable virtual machines.
    • NightShade - A simple security CTF framework.

  • Reversing

    • Binary Ninja - Binary analysis framework.
    • BinUtils - Collection of binary tools.
    • Frida - Dynamic Code Injection.
    • GDB - The GNU project debugger.
    • Java Decompilers - An online decompiler for Java and Android APKs.
    • WinDbg - Windows debugger distributed by Microsoft.
    • Xocopy - Program that can copy executables with execute, but no read permission.
    • Detox - A Javascript malware analysis tool.
    • Revelo - Analyze obfuscated Javascript code.
    • Swftools - Collection of utilities to work with SWF files.
    • Xxxswf - A Python script for analyzing Flash files.
    • Androguard - Reverse engineer Android applications.
    • Angr - platform-agnostic binary analysis framework.
    • Apk2Gold - Yet another Android decompiler.
    • Barf - Binary Analysis and Reverse engineering Framework.
    • Boomerang - Decompile x86/SPARC/PowerPC/ST-20 binaries to C.
    • cwe_checker - cwe_checker finds vulnerable patterns in binary executables.
    • GEF - GDB plugin.
    • Ghidra - Open Source suite of reverse engineering tools. Similar to IDA Pro.
    • Jadx - Decompile Android files.
    • Java Decompilers - An online decompiler for Java and Android APKs.
    • Krakatau - Java decompiler and disassembler.
    • Objection - Runtime Mobile Exploration.
    • PEDA - GDB plugin (only python2.7).
    • PINCE - GDB front-end/reverse engineering tool, focused on game-hacking and automation.
    • PinCTF - A tool which uses intel pin for Side Channel Analysis.
    • Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
    • Uncompyle - Decompile Python 2.7 binaries (.pyc).
    • WinDbg - Windows debugger distributed by Microsoft.
    • Xocopy - Program that can copy executables with execute, but no read permission.
    • Z3 - A theorem prover from Microsoft Research.
    • Revelo - Analyze obfuscated Javascript code.
    • RABCDAsm - Collection of utilities including an ActionScript 3 assembler/disassembler.
    • radare2 - A portable reversing framework.
    • BinWalk - Analyze, reverse engineer, and extract firmware images.
    • Plasma - An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.
    • Pin - A dynamic binary instrumentaion tool by Intel.

  • Services

    • CSWSH - Cross-Site WebSocket Hijacking Tester.
    • Request Bin - Lets you inspect http requests to a particular url.
    • CSWSH - Cross-Site WebSocket Hijacking Tester.

  • Starter Packs

    • CTF Tools - Collection of setup scripts to install various security research tools.
    • LazyKali - A 2016 refresh of LazyKali which simplifies install of tools and configuration.

  • Steganography

    • Convert - Convert images b/w formats and apply filters.
    • Exif - Shows EXIF information in JPEG files.
    • Exiftool - Read and write meta information in files.
    • Exiv2 - Image metadata manipulation tool.
    • Image Steganography - Embeds text and files in images with optional encryption. Easy-to-use UI.
    • Image Steganography Online - This is a client-side Javascript tool to steganographically hide images inside the lower "bits" of other images
    • ImageMagick - Tool for manipulating images.
    • Outguess - Universal steganographic tool.
    • Pngtools - For various analysis related to PNGs.
    • Steganabara - Tool for stegano analysis written in Java.
    • Stegbreak - Launches brute-force dictionary attacks on JPG image.
    • StegOnline - Conduct a wide range of image steganography operations, such as concealing/revealing files hidden within bits (open-source).
    • Stegsolve - Apply various steganography techniques to images.
    • AperiSolve - Aperi'Solve is a platform which performs layer analysis on image (open-source).
    • Convert - Convert images b/w formats and apply filters.
    • SmartDeblur - Used to deblur and fix defocused images.
    • SteganographyOnline - Online steganography encoder and decoder.
    • StegCracker - Steganography brute-force utility to uncover hidden data inside files.
    • stegextract - Detect hidden files and text in images.
    • Stegsolve - Apply various steganography techniques to images.
    • Exif - Shows EXIF information in JPEG files.
    • Outguess - Universal steganographic tool.
    • Steganabara - Tool for stegano analysis written in Java.

  • Tutorials

Programming Languages
Python 32 C 4 PHP 3 Shell 3 Go 3 Ruby 2 Rust 2 C++ 2 CSS 1 Groovy 1
Categories
Operating Systems 59 Reversing 37 Wargames 31 Forensics 29 Steganography 23 Web 12 Platforms 12 Writeups Collections 9 Crypto 9 Bruteforcers 7 Exploits 7 Tutorials 6 Networking 6 Wikis 5 Websites 3 Services 3 Attacks 2 Uncategorized 2 Starter Packs 2
Sub Categories
Uncategorized 2
Keywords
ctf 10 python 10 security 9 reverse-engineering 8 pentesting 5 vulnerability-scanner 4 cryptography 4 linux 4 hacking 4 exploit 4 gdb 3 exploitation 3 capture-the-flag 3 pwnable 3 hacking-tool 3 android 3 detection 2 virtualization 2 cybersecurity 2 sql-injection 2 x86 2 binary-analysis 2 takeover 2 hackthebox 2 instrumentation 2 pentest 2 decompiler 2 dex 2 encryption 2 crypto 2 cryptanalysis 2 security-scanner 2 scanner 2 golang 2 windows 2 debugging 2 ctf-framework 2 binary-ninja 2 pwn 2 python3 2 exploit-development 2 rop 2 malware-analysis 2 ida-pro 2 pwntools 2 gef 2 sparc 2 disassembler 2 wifi-security 1 wpa2 1