Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-ctf
forked from https://github.com/apsdehal/awesome-ctf.git
https://github.com/c4pr1c3/awesome-ctf
Last synced: 2 days ago
JSON representation
-
Forensics
- Creddump - Dump windows credentials.
- Dnscat2 - Hosts communication through DNS.
- DVCS Ripper - Rips web accessible (distributed) version control systems.
- Fibratus - Tool for exploration and tracing of the Windows kernel.
- Aircrack-Ng - Crack 802.11 WEP and WPA-PSK keys.
- Fsck.ext4 - Used to fix corrupt filesystems.
- Pngcheck - Verifies the integrity of PNG and dump all of the chunk-level information in human-readable form.
- ResourcesExtract - Extract various filetypes from exes.
- Snow - A Whitespace Steganography Tool.
- OfflineRegistryView - Simple tool for Windows that allows you to read offline Registry files from external drive and view the desired Registry key in .reg file format.
-
Operating Systems
- URIX OS - Based on openSUSE.
- URIX OS - Based on openSUSE.
- URIX OS - Based on openSUSE.
- Android Tamer - Based on Debian.
- BlackArch Linux - Based on Arch Linux.
- Kali Linux - Based on Debian.
- Parrot Security OS - Based on Debian.
- URIX OS - Based on openSUSE.
- REMnux - Based on Debian.
- URIX OS - Based on openSUSE.
-
Steganography
- AperiSolve - Aperi'Solve is a platform which performs layer analysis on image (open-source).
- Convert - Convert images b/w formats and apply filters.
- Exiftool - Read and write meta information in files.
- Image Steganography - Embeds text and files in images with optional encryption. Easy-to-use UI.
- ImageMagick - Tool for manipulating images.
- Pngtools - For various analysis related to PNGs.
- Stegbreak - Launches brute-force dictionary attacks on JPG image.
- StegOnline - Conduct a wide range of image steganography operations, such as concealing/revealing files hidden within bits (open-source).
- Stegsolve - Apply various steganography techniques to images.
-
Web
- Metasploit JavaScript Obfuscator
- BurpSuite - A graphical tool to testing website security.
- Hackbar - Firefox addon for easy web exploitation.
- OWASP ZAP - Intercepting proxy to replay, debug, and fuzz HTTP requests and responses
-
Writeups Collections
- Shell Storm - CTF challenge archive maintained by Jonathan Salwan.
- Captf - Dumped CTF challenges and materials by psifertex.
-
PHP
- Damn Vulnerable Web Application - PHP/MySQL web application that is damn vulnerable
-
Android
- t0thkr1s/frida-demo - an intentionally vulnerable Android application for Frida Demonstration
-
Crypto
- PkCrack - A tool for Breaking PkZip-encryption.
-
Bruteforcers
- Hashcat - Password Cracker
- Turbo Intruder - Burp Suite extension for sending large numbers of HTTP requests
-
Exploits
-
Networking
-
Reversing
- Binary Ninja - Binary analysis framework.
- BinUtils - Collection of binary tools.
- GDB - The GNU project debugger.
- Ghidra - Open Source suite of reverse engineering tools. Similar to IDA Pro.
- IDA Pro - Most used Reversing software.
- WinDbg - Windows debugger distributed by Microsoft.
- Xocopy - Program that can copy executables with execute, but no read permission.
- Detox - A Javascript malware analysis tool.
- Swftools - Collection of utilities to work with SWF files.
- Xxxswf - A Python script for analyzing Flash files.
-
Services
- CSWSH - Cross-Site WebSocket Hijacking Tester.
-
Tutorials
- CTF related notes - Personal CTFs and beyond notes (in Chinese)
- CTF Tricks by Phithon - CTF tricks about Web (in Chinese)
- Intro. to CTF Course - A free course that teaches beginners the basics of forensics, crypto, and web-ex.
- RITSEC - RITSEC is a student run club at Rochester Institute of Technology. There are some CTF writeups and shares in this team repository.
-
Uncategorized
-
Uncategorized
- Kali Linux CTF Blueprints - Online book on building, testing, and customizing your own Capture the Flag challenges.
-
-
Wargames
- 247ctf - A learning oriented real CTF platform with challenges covering across web, cryptography, networking, reversing and exploitation.
- Backdoor - Security Platform by SDSLabs.
- buuoj - A CTF training platform with challenges collected from the past real CTF contests around the world. (in Chinese)
- Crackmes - Reverse Engineering Challenges.
- CryptoHack - Fun cryptography challenges.
- echoCTF.RED - Online CTF with a variety of targets to attack.
- Exploit Exercises - Variety of VMs to learn variety of computer security issues.
- Hack This Site - Training ground for hackers.
- Hacker101 - CTF from HackerOne
- Hacking-Lab - Ethical hacking, computer network and security challenge platform.
- Hone Your Ninja Skills - Web challenges starting from basic ones.
- IO - Wargame for binary challenges.
- jarvisoj - A CTF training platform developed by Jarvis from USSLab in ZJU.
- PentesterLab - Variety of VM and online challenges (paid).
- PicoCTF - All year round ctf game. Questions from the yearly picoCTF competition.
- PWN Challenge - Binary Exploitation Wargame.
- Pwnable.kr - Pwn Game.
- Pwnable.tw - Binary wargame.
- Pwnable.xyz - Binary Exploitation Wargame.
- Reversin.kr - Reversing challenge.
- Root-Me - Hacking and Information Security learning platform.
- SANS HHC - Challenges with a holiday theme
- VulnHub - VM-based for practical in digital security, computer application & network administration.
-
Websites
- CTF Time - General information on CTF occuring around the worlds.
- Reddit Security CTF - Reddit CTF category.
-
Wikis
- Bamboofox - Chinese resources to learn CTF
- bi0s Wiki - Wiki from team bi0s.
- CTF Cheatsheet - CTF tips and tricks.
- OpenToAll - Open To All Knowledge Base
Categories
Sub Categories