- Awesome CTF
Tools used for creating CTF challenges
Tools used for creating Forensics challenges
- Registry Dumper - Dump your registry
Tools used for creating Web challenges
Tools used for solving CTF challenges
Tools used for performing various kinds of attacks
- Bettercap - Framework to perform MITM (Man in the Middle) attacks.
- Layer 2 attacks - Attack various protocols on layer 2
Tools used for solving Crypto challenges
- PkCrack - A tool for Breaking PkZip-encryption
- RSATool - Generate private key with knowledge of p and q
- XORTool - A tool to analyze multi-byte xor cipher
Tools used for various kind of bruteforcing (passwords etc.)
- John The Jumbo - Community enhanced version of John the Ripper
- John The Ripper - Password Cracker
- Ophcrack - Windows password cracker based on rainbow tables.
Tools used for solving Exploits challenges
- binjitsu - CTF framework and exploit development library
- Metasploit - Penetration testing software
- pwntools - CTF Framework for writing exploits
- qira - QEMU Interactive Runtime Analyser
- ROP Gadget - Framework for ROP exploitation
Tools used for solving Forensics challenges
- Aircrack-Ng - Crack 802.11 WEP and WPA-PSK keys
apt-get install aircrack-ng
- Audacity - Analyze sound files (mp3, m4a, whatever)
apt-get install audacity
- bkhive and samdump2 - Dump SYSTEM and SAM files
apt-get install samdump2 bkhive
- CFF Explorer - PE Editor
- creddump - Dump windows credentials
- DVCS Ripper - Rips web accessible (distributed) version control systems
- Exif Tool - Read, write and edit file metadata
- extundelete - Used for recovering lost data from mountable images
- Foremost - Extract particular kind of files using headers
apt-get install foremost
- fsck.ext4 - Used to fix corrupt filesystems
- Malzilla - Malware hunting tool
- NetworkMiner - Network Forensic Analysis Tool
- PDF Streams Inflater - Find and extract zlib files compressed in PDF files
- ResourcesExtract - Extract various filetypes from exes
- Shellbags - Investigate NT_USER.dat files
- UsbForensics - Contains many tools for usb forensics
- Volatility - To investigate memory dumps
- Wireshark - Analyze the network dumps
apt-get install wireshark
Tools used for solving Reversing challenges
- Androguard - Reverse engineer Android applications
- Apk2Gold - Yet another Android decompiler
- ApkTool - Android Decompiler
- BinUtils - Collection of binary tools
- BinWalk - Analyze, reverse engineer, and extract firmware images.
- Boomerang - Decompile x86 binaries to C
- GDB - The GNU project debugger
- IDA Pro - Most used Reversing software
- Jadx - Decompile Android files
- Krakatau - Java decompiler and disassembler
- radare2 - A portable reversing framework
- Uncompyle - Decompile Python 2.7 binaries (.pyc)
- WinDbg - Windows debugger distributed by Microsoft
- z3 - a theorem prover from Microsoft Research
SWF Analyzers - RABCDAsm - Collection of utilities including an ActionScript 3 assembler/disassembler. - swftools - Collection of utilities to work with SWF files - xxxswf - A Python script for analyzing Flash files.
Various kind of useful services available around the internet
- CSWSH - Cross-Site WebSocket Hijacking Tester
- Request Bin - Lets you inspect http requests to a particular url
Tools used for solving Steganography challenges
- pngtools - For various analysis related to PNGs
apt-get install pngtools
- SmartDeblur - Used to deblur and fix defocused images
- Steganabara - Tool for stegano analysis written in Java
- Steghide - Hide data in various kind of images
- Stegsolve - Apply various steganography techniques to images
Tools used for solving Web challenges
- SQLMap - Automatic SQL injection and database takeover tooli
- w3af - Web Application Attack and Audit Framework.
- XSSer - Automated XSS testor
Where to discover about CTF
Collections of installer scripts, useful tools
- CTF Tools - Collection of setup scripts to install various security research tools.
Tutorials to learn how to play CTFs
- CTF Field Guide - Field Guide by Trails of Bits
- CTF Resources - Start Guide maintained by community
- How to Get Started in CTF - Short guideline for CTF beginners by Endgame
- MIPT CTF - A small course for beginners in CTFs (in Russian)
Always online CTFs
- Backdoor - Security Platform by SDSLabs.
- Ctfs.me - CTF All the time
- Exploit Exercises - Variety of VMs to learn variety of computer security issues.
- Hack This Site - Training ground for hackers.
- Over The Wire - Wargame maintained by OvertheWire Community
- Ringzer0Team - Ringzer0 Team Online CTF
- SmashTheStack - A variety of wargames maintained by the SmashTheStack Community.
- VulnHub - VM-based for practical in digital security, computer application & network administration.
- WeChall - Always online challenge site.
Various general websites about and on ctf
- CTF Time - General information on CTF occuring around the worlds
- Reddit Security CTF - Reddit CTF category
Various Wikis available for learning about CTFs
Collections of CTF write-ups
- Captf - Dumped CTF challenges and materials by psifertex
- CTF write-ups (community) - CTF challenges + write-ups archive maintained by the community
- pwntools writeups - A collection of CTF write-ups all using pwntools
- Shell Storm - CTF challenge archive maintained by Jonathan Salwan
- Smoke Leet Everyday - CTF write-ups repo maintained by SmokeLeetEveryday team.