Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

awesome-ctf

A curated list of CTF frameworks, libraries, resources and softwares
https://github.com/apsdehal/awesome-ctf

Last synced: 6 days ago
JSON representation

  • Operating Systems

  • Forensics

  • Platforms

    • CTFd - Platform to host jeopardy style CTFs from ISISLab, NYU Tandon.
  • Steganography

    • AperiSolve - Aperi'Solve is a platform which performs layer analysis on image (open-source).
    • Convert - Convert images b/w formats and apply filters.
    • Exif - Shows EXIF information in JPEG files.
    • Exiftool - Read and write meta information in files.
    • Exiv2 - Image metadata manipulation tool.
    • Image Steganography - Embeds text and files in images with optional encryption. Easy-to-use UI.
    • Image Steganography Online - This is a client-side Javascript tool to steganographically hide images inside the lower "bits" of other images
    • ImageMagick - Tool for manipulating images.
    • Outguess - Universal steganographic tool.
    • Pngtools - For various analysis related to PNGs.
    • Steganabara - Tool for stegano analysis written in Java.
    • Stegbreak - Launches brute-force dictionary attacks on JPG image.
    • Steghide - Hide data in various kind of images.
    • StegOnline - Conduct a wide range of image steganography operations, such as concealing/revealing files hidden within bits (open-source).
    • Stegsolve - Apply various steganography techniques to images.
    • AperiSolve - Aperi'Solve is a platform which performs layer analysis on image (open-source).
    • AperiSolve - Aperi'Solve is a platform which performs layer analysis on image (open-source).
  • Web

  • Crypto

    • CyberChef - Web app for analysing and decoding data.
    • PkCrack - A tool for Breaking PkZip-encryption.
    • QuipQuip - An online tool for breaking substitution ciphers or vigenere ciphers (without key).
    • RSACTFTool - A tool for recovering RSA private key with various attack.
  • Bruteforcers

    • Hashcat - Password Cracker
    • Hydra - A parallelized login cracker which supports numerous protocols to attack
    • John The Jumbo - Community enhanced version of John the Ripper.
    • John The Ripper - Password Cracker.
    • Ophcrack - Windows password cracker based on rainbow tables.
    • Turbo Intruder - Burp Suite extension for sending large numbers of HTTP requests
  • Exploits

  • Networking

    • Monit - A linux tool to check a host on the network (and other non-network activities).
    • Nipe - Nipe is a script to make Tor Network your default gateway.
    • Nmap - An open source utility for network discovery and security auditing.
    • Wireshark - Analyze the network dumps.
    • Zeek - An open-source network security monitor.
    • Zmap - An open-source network scanner.
    • Monit - A linux tool to check a host on the network (and other non-network activities).
  • Reversing

    • ApkTool - Android Decompiler.
    • Binary Ninja - Binary analysis framework.
    • BinUtils - Collection of binary tools.
    • BinWalk - Analyze, reverse engineer, and extract firmware images.
    • Frida - Dynamic Code Injection.
    • GDB - The GNU project debugger.
    • Ghidra - Open Source suite of reverse engineering tools. Similar to IDA Pro.
    • Hopper - Reverse engineering tool (disassembler) for OSX and Linux.
    • IDA Pro - Most used Reversing software.
    • Java Decompilers - An online decompiler for Java and Android APKs.
    • Plasma - An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.
    • radare2 - A portable reversing framework.
    • WinDbg - Windows debugger distributed by Microsoft.
    • Xocopy - Program that can copy executables with execute, but no read permission.
    • Detox - A Javascript malware analysis tool.
    • Revelo - Analyze obfuscated Javascript code.
    • Swftools - Collection of utilities to work with SWF files.
    • Xxxswf - A Python script for analyzing Flash files.
  • Services

    • CSWSH - Cross-Site WebSocket Hijacking Tester.
    • Request Bin - Lets you inspect http requests to a particular url.
  • Tutorials

  • Wargames

    • Backdoor - Security Platform by SDSLabs.
    • Crackmes - Reverse Engineering Challenges.
    • CryptoHack - Fun cryptography challenges.
    • echoCTF.RED - Online CTF with a variety of targets to attack.
    • Exploit Exercises - Variety of VMs to learn variety of computer security issues.
    • Exploit.Education - Variety of VMs to learn variety of computer security issues.
    • Hack The Box - Weekly CTFs for all types of security enthusiasts.
    • Hack This Site - Training ground for hackers.
    • Hacker101 - CTF from HackerOne
    • Hacking-Lab - Ethical hacking, computer network and security challenge platform.
    • Hone Your Ninja Skills - Web challenges starting from basic ones.
    • IO - Wargame for binary challenges.
    • Microcorruption - Embedded security CTF.
    • Over The Wire - Wargame maintained by OvertheWire Community.
    • PentesterLab - Variety of VM and online challenges (paid).
    • PicoCTF - All year round ctf game. Questions from the yearly picoCTF competition.
    • PWN Challenge - Binary Exploitation Wargame.
    • Pwnable.kr - Pwn Game.
    • Pwnable.tw - Binary wargame.
    • Pwnable.xyz - Binary Exploitation Wargame.
    • Reversin.kr - Reversing challenge.
    • Ringzer0Team - Ringzer0 Team Online CTF.
    • Root-Me - Hacking and Information Security learning platform.
    • SANS HHC - Challenges with a holiday theme
    • SmashTheStack - A variety of wargames maintained by the SmashTheStack Community.
    • Viblo CTF - Various amazing CTF challenges, in many different categories. Has both Practice mode and Contest mode.
    • VulnHub - VM-based for practical in digital security, computer application & network administration.
    • W3Challs - A penetration testing training platform, which offers various computer challenges, in various categories.
    • WebHacking - Hacking challenges for web.
    • Damn Vulnerable Web Application - PHP/MySQL web application that is damn vulnerable.
  • Websites

  • Wikis

  • Writeups Collections

    • Captf - Dumped CTF challenges and materials by psifertex.
    • Shell Storm - CTF challenge archive maintained by Jonathan Salwan.
  • Uncategorized