A collection of tools assembled for the RedEye Hacknight CTF Competition
- Crypto - Decrypts/encrypts everything
- CrypTool2 - Win32/64 Crypto experimenting tool
- FeatherDuster - Identifying and exploiting weak cryptosystems
- CryptoCrack - Identify and crack famous ciphers
- Yafu - Integers factoring ( RSA related )
- RSA-CTFTool - Automated attacks on weak public keys
- XORTool - Analzying XOR Ciphers
- PkCrack - Breaking PkZip Encryption
- HashPump - MD5, SHA1, SHA256, SHA512 exploiting
- John The Ripper - Password cracker
- Johnny - JTR GUI for Win32/64
- Hashcat - Password cracker
- Patator - Multi-purpose brute-forcer
- Nozzlr - Bruteforce framework
- Digital Invisible Ink Toolkit - Extracts messages from images
- LSB Toolkit - Python toolkit for analyzing
- OpenStego - Extracts hidden data from images
- SilentEye - Hides data in images/sounds
- PNGCheck - Dump information from images
- MP3Stego - Mp3 stegano tool
From Awesome-CTF
- Convert - Convert images b/w formats and apply filters
- Exif - Shows EXIF information in JPEG files
- Exiftool - Read and write meta information in files
- Exiv2 - Image metadata manipulation tool
- Outguess - Universal steganographic tool
- Pngtools - For various analysis related to PNGs
- SmartDeblur - Used to deblur and fix defocused images
- Steganabara - Tool for stegano analysis written in Java
- Stegbreak - Launches brute-force dictionary attacks on JPG image
- StegCracker - Steganography brute-force utility to uncover hidden data inside files
- stegextract - Detect hidden files and text in images
- Steghide - Hide data in various kind of images
- Stegsolve - Apply various steganography techniques to images
- Immunity Debugger - Cool debugger/ GUI and CMDLine
- OllyDbg - Windows binary code analyzer
- ILSpy - .NET C# decompiler
- JD-GUI - Basic jar decompiler
- FFDec - Flash decompiler
- dex2jar - Name says it all
- Uncompyle2 - Python bin -> Python code
- Helios - Java decompiler
- FlawFinder - Finds security weaknesses in C/C++ codes
From Awesome-CTF
Tools used for solving Reversing challenges
- Androguard - Reverse engineer Android applications
- Angr - platform-agnostic binary analysis framework
- Apk2Gold - Yet another Android decompiler
- ApkTool - Android Decompiler
- Barf - Binary Analysis and Reverse engineering Framework
- Binary Ninja - Binary analysis framework
- BinUtils - Collection of binary tools
- BinWalk - Analyze, reverse engineer, and extract firmware images.
- Boomerang - Decompile x86 binaries to C
- ctf_import – run basic functions from stripped binaries cross platform
- GDB - The GNU project debugger
- GEF - GDB plugin
- Hopper - Reverse engineering tool (disassembler) for OSX and Linux
- IDA Pro - Most used Reversing software
- Jadx - Decompile Android files
- Java Decompilers - An online decompiler for Java and Android APKs
- Krakatau - Java decompiler and disassembler
- PEDA - GDB plugin (only python2.7)
- Pin A dynamic binary instrumentaion tool by Intel
- Plasma - An interactive disassembler for x86/ARM/MIPS which can generate indented pseudo-code with colored syntax.
- Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.
- radare2 - A portable reversing framework
- Uncompyle - Decompile Python 2.7 binaries (.pyc)
- WinDbg - Windows debugger distributed by Microsoft
- Xocopy - Program that can copy executables with execute, but no read permission
- Z3 - a theorem prover from Microsoft Research
JavaScript Deobfuscators
- Detox - A Javascript malware analysis tool
SWF Analyzers
- RABCDAsm - Collection of utilities including an ActionScript 3 assembler/disassembler.
- Swftools - Collection of utilities to work with SWF files
- Xxxswf - A Python script for analyzing Flash files.
- MXToolbox - Online website for basic scanning/analyzing
- CSWSH - Cross-Site WebSocket Hijacking Tester
- Request Bin - Lets you inspect http requests to a particular url
- Beautifier - Javascript beautifier
- Revelo - Analyze obfuscated Javascript code
- PHPFormatter - PHP beautifier
- HTMLFormatter - HTML beautifier
- ReactDevTools - Developer tools for react apps
- Fiddler - Web Debugger
- Wappalyzer - Web technology analyzer
From Awesome-CTF
- BurpSuite - A graphical tool to testing website security.
- Commix - Automated All-in-One OS Command Injection and Exploitation Tool.
- Hackbar - Firefox addon for easy web exploitation
- OWASP ZAP - Intercepting proxy to replay, debug, and fuzz HTTP requests and responses
- Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning
- SQLMap - Automatic SQL injection and database takeover tooli
- W3af - Web Application Attack and Audit Framework.
- XSSer - Automated XSS testor
- tcpdump - Packet analyzer/Traffic capture
- netcat - Reads and Writes data across network connections
- Scappy - Forge, send and capture packets over the network
- Snort - Detects attacks over network
- Kismet - Wireless network detector, sniffer, and intrusion detection system
From AwesomeCTF
- Bro - An open-source network security monitor.
- Masscan - Mass IP port scanner, TCP port scanner.
- Monit - A linux tool to check a host on the network (and other non-network activities).
- Nipe - Nipe is a script to make Tor Network your default gateway.
- Nmap - An open source utility for network discovery and security auditing.
- Wireshark - Analyze the network dumps.
apt-get install wireshark
- Zmap - An open-source network scanner.
- Binwalk - A tool that helps identify and analyze binaries
- File Utility - Detecs various file types
- Strings - Exports ASCII/unicode strings from various files
- Xplico - Network forensics tool
From AwesomeCTF
- Aircrack-Ng - Crack 802.11 WEP and WPA-PSK keys
apt-get install aircrack-ng
- Audacity - Analyze sound files (mp3, m4a, whatever)
apt-get install audacity
- Bkhive and Samdump2 - Dump SYSTEM and SAM files
apt-get install samdump2 bkhive
- CFF Explorer - PE Editor
- Creddump - Dump windows credentials
- DVCS Ripper - Rips web accessible (distributed) version control systems
- Exif Tool - Read, write and edit file metadata
- Extundelete - Used for recovering lost data from mountable images
- Fibratus - Tool for exploration and tracing of the Windows kernel
- Foremost - Extract particular kind of files using headers
apt-get install foremost
- Fsck.ext4 - Used to fix corrupt filesystems
- Malzilla - Malware hunting tool
- NetworkMiner - Network Forensic Analysis Tool
- PDF Streams Inflater - Find and extract zlib files compressed in PDF files
- ResourcesExtract - Extract various filetypes from exes
- Shellbags - Investigate NT_USER.dat files
- UsbForensics - Contains many tools for usb forensics
- Volatility - To investigate memory dumps
- V0lt - Security CTF Toolkit
- The Sleuth Kit - Digital forensics kit
- Metasploit - Penetration testing software
- Pwntools - CTF Framework for writing exploits (python)
- Bettercap - Framework to perform MITM (Man in the Middle) attacks.
- Layer 2 attacks - Attack various protocols on layer 2
- RegExr - RegEx testing/analyzing
- TorBrowser - Anonymity matters ;)
- ctfTools - Everything(ish) you need
- Visual Studio Code - Cool editor with collaborative editing over the internet
- Neo - Hex editor for windows
- Bless - Hex editor for linux
Thanks uwu - Alaa Zorkane