wovari/CTF-Tools
# CTF-Tools

My Personal Library for CTFs

Handy Links

A list of tools that can come in handy during a CTF.

Source

Reverse Engineering/Exploitation

  • radare2: (also known as r2) is a complete framework for reverse-engineering and analyzing binaries; composed of a set of small utilities that can be used together or independently from the command line.
  • qemu: QEMU is a generic and open source machine emulator and virtualizer. In full-system mode it emulates a whole machine of another architecture; in user mode (qemu-user) it runs a single foreign-architecture Linux binary, which is how a MIPS or ARM challenge binary gets run and debugged on an x86 host. Under the Xen hypervisor or the KVM kernel module on Linux it virtualizes guests of the host's own architecture at near-native speed. Supported targets include x86, server and embedded PowerPC, 64-bit POWER, S390, 32-bit and 64-bit ARM, and MIPS.
  • gdb: The GNU Debugger (gdb) is the standard debugger on UNIX-like systems; it handles C, C++ and many other languages. For CTF work it is usually extended with an exploitation-oriented plugin such as pwndbg, GEF or PEDA, which add heap, register and stack views on top of the plain gdb prompt.
  • strace: is a diagnostic, debugging and instructional userspace utility for Linux. It is used to monitor interactions between processes and the Linux kernel, which include system calls, signal deliveries, and changes of process state.
  • angr: angr is a python framework for analyzing binaries. It focuses on both static and dynamic symbolic ("concolic") analysis, making it applicable to a variety of tasks.
  • voltron: Voltron is an extensible debugger UI toolkit written in Python. It aims to improve the user experience of various debuggers (LLDB, GDB, VDB and WinDbg) by enabling the attachment of utility views that can retrieve and display data from the debugger host. By running these views in other TTYs, you can build a customised debugger user interface to suit your needs.
  • nasm: The Netwide Assembler (NASM) is an assembler and disassembler for the Intel x86 architecture. It can be used to write 16-bit, 32-bit (IA-32) and 64-bit (x86-64) programs. NASM is considered to be one of the most popular assemblers for Linux.
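Every tool in this section starts by reading the ELF headers to find the entry point and the loadable segments before it disassembles or sets a breakpoint. As an added example (not code from this repository or from any of the tools listed), here is a minimal ELF64 header and program-header parser in Python. It builds its own 132-byte test binary inline (a constructed x86-64 stub that calls exit(42)) so it runs offline; the field layouts are the standard System V ELF64 ones, while the `build_tiny_elf` helper, the stub bytes and the 0x400000 base address are this example's own choices.

```python
import struct

# ELF64 little-endian layouts (System V ABI): 64-byte file header, 56-byte program header.
ELF_MAGIC = b"\x7fELF"
EHDR_FMT = "<16sHHIQQQIHHHHHH"
PHDR_FMT = "<IIQQQQQQ"
ET_EXEC, EM_X86_64 = 2, 0x3E
PT_LOAD, PF_X, PF_R = 1, 1, 4

# Constructed sample code: mov edi, 42 ; mov eax, 60 (SYS_exit) ; syscall  (12 bytes of x86-64)
EXIT42_STUB = b"\xbf\x2a\x00\x00\x00\xb8\x3c\x00\x00\x00\x0f\x05"
BASE_VADDR = 0x400000   # assumed load address for the constructed binary


def build_tiny_elf():
    """Constructed test input: header + one R+X PT_LOAD + the stub, 132 bytes in total."""
    hdr_size = struct.calcsize(EHDR_FMT)      # 64
    phdr_size = struct.calcsize(PHDR_FMT)     # 56
    code_off = hdr_size + phdr_size           # 120: code follows the headers directly
    total = code_off + len(EXIT42_STUB)       # 132
    ident = ELF_MAGIC + bytes([2, 1, 1, 0, 0]) + b"\x00" * 7   # 64-bit, little-endian, v1, SysV
    ehdr = struct.pack(EHDR_FMT, ident, ET_EXEC, EM_X86_64, 1,
                       BASE_VADDR + code_off,                  # e_entry
                       hdr_size, 0, 0,                         # e_phoff, e_shoff, e_flags
                       hdr_size, phdr_size, 1,                 # e_ehsize, e_phentsize, e_phnum
                       0, 0, 0)                                # no section headers at all
    phdr = struct.pack(PHDR_FMT, PT_LOAD, PF_R | PF_X,
                       0, BASE_VADDR, BASE_VADDR,              # p_offset, p_vaddr, p_paddr
                       total, total, 0x1000)                   # p_filesz, p_memsz, p_align
    return ehdr + phdr + EXIT42_STUB


def parse_elf64(data):
    """Parse the ELF64 file header and program headers (little-endian only)."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only little-endian ELF64 is handled here")
    f = struct.unpack_from(EHDR_FMT, data, 0)
    e_type, e_machine, e_entry, e_phoff = f[1], f[2], f[4], f[5]
    e_phentsize, e_phnum = f[9], f[10]
    if e_phentsize != struct.calcsize(PHDR_FMT):
        raise ValueError("unexpected program header entry size")
    segments = []
    for i in range(e_phnum):
        p_type, p_flags, p_off, p_vaddr, _, p_filesz, p_memsz, _ = struct.unpack_from(
            PHDR_FMT, data, e_phoff + i * e_phentsize)
        segments.append({"type": p_type, "flags": p_flags, "offset": p_off,
                         "vaddr": p_vaddr, "filesz": p_filesz, "memsz": p_memsz})
    return {"type": e_type, "machine": e_machine, "entry": e_entry, "segments": segments}


def entry_file_offset(info):
    """Map the entry virtual address to a file offset via the PT_LOAD segment containing it."""
    for s in info["segments"]:
        if s["type"] == PT_LOAD and s["vaddr"] <= info["entry"] < s["vaddr"] + s["memsz"]:
            if not s["flags"] & PF_X:
                raise ValueError("entry point lies in a non-executable segment")
            return info["entry"] - s["vaddr"] + s["offset"]
    raise ValueError("entry point is not inside any PT_LOAD segment")


def entry_bytes(data, n=16):
    """Return the first n bytes at the entry point: where a disassembler starts."""
    off = entry_file_offset(parse_elf64(data))
    return data[off:off + n]


if __name__ == "__main__":
    elf = build_tiny_elf()
    info = parse_elf64(elf)
    print("entry 0x%x at file offset %d: %s" % (info["entry"], entry_file_offset(info),
                                                entry_bytes(elf, 12).hex()))
```

The vaddr-to-offset step is the one that matters in practice: a breakpoint address from gdb or a function address from radare2 is virtual, while a hex editor or dd works on file offsets, and the two differ by the segment's vaddr minus its p_offset.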

Forensics

  • volatility: The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples.
  • dd: dd is a command-line utility for Unix and Unix-like operating systems whose primary purpose is to convert and copy files. In forensics it images a device block for block and carves a byte range out of an image, e.g. dd if=image.bin of=part.bin bs=1 skip=OFFSET count=LENGTH.
  • binwalk: Binwalk is a tool for searching a given binary image for embedded files and executable code, and for extracting them (binwalk -e). Specifically, it is designed for identifying files and code embedded inside of firmware images.
  • wireshark: Wireshark is a free and open source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development.
  • Sleuth Kit: is a collection of command line tools and a C library that allows you to analyze disk images and recover files from them. It is used behind the scenes in Autopsy and many other open source and commercial forensics tools.
  • gpart: gpart is a utility that scans a storage device, examining the data in order to detect partitions which may exist but are absent from the disk's partition table.
  • fdisk: fdisk is a dialog-driven program for creation and manipulation of partition tables. It understands GPT, MBR, Sun, SGI and BSD partition tables.
  • TrID: TrID is a utility designed to identify file types from their binary signatures. While there are similar utilities with hard-coded logic, TrID has no fixed rules. Instead, it is extensible and can be trained to recognize new formats in a fast and automatic way.
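binwalk and TrID both work the same way underneath: match magic signatures at every file offset, then validate the candidate so a random byte sequence is not reported as a file. As an added example (not code from this repository, binwalk or TrID), here is a small Python scanner that locates embedded gzip and PNG data in a blob, carves the gzip member and checks the PNG IHDR CRC before trusting the hit. The sample image is constructed inline (padding, a gzip member, a minimal PNG), and the signature table, the `SECRET` payload and all helper names are this example's own.

```python
import gzip
import struct
import zlib

# A few magic signatures of the kind binwalk and TrID match on (table is this example's own).
SIGNATURES = {
    b"\x7fELF": "elf",
    b"\x89PNG\r\n\x1a\n": "png",
    b"PK\x03\x04": "zip",
    b"\x1f\x8b\x08": "gzip",
}

# Constructed sample payload hidden inside the image.
SECRET = b"flag{carved_from_the_firmware_blob}"


def scan(blob):
    """Return (offset, format) for every signature occurrence, sorted by offset."""
    hits = []
    for magic, name in SIGNATURES.items():
        start = 0
        while (idx := blob.find(magic, start)) >= 0:
            hits.append((idx, name))
            start = idx + 1
    return sorted(hits)


def carve_gzip(blob, offset):
    """Decompress the gzip member at offset; return (payload, end_offset of the member)."""
    d = zlib.decompressobj(16 + zlib.MAX_WBITS)   # 16+ selects gzip framing
    payload = d.decompress(blob[offset:])
    if not d.eof:
        raise ValueError("truncated gzip member")
    end = len(blob) - len(d.unused_data)           # bytes after the trailer are not ours
    return payload, end


def parse_png_ihdr(blob, offset):
    """Validate the IHDR chunk of a PNG at offset (CRC check) and return (width, height)."""
    chunk = offset + 8                             # skip the 8-byte PNG signature
    length, ctype = struct.unpack_from(">I4s", blob, chunk)
    if ctype != b"IHDR" or length != 13:
        raise ValueError("PNG without a leading IHDR chunk")
    data = blob[chunk + 8:chunk + 8 + length]
    crc = struct.unpack_from(">I", blob, chunk + 8 + length)[0]
    if zlib.crc32(ctype + data) & 0xFFFFFFFF != crc:
        raise ValueError("IHDR CRC mismatch: false positive or corrupted image")
    width, height = struct.unpack_from(">II", data, 0)
    return width, height


def make_png(width, height):
    """Constructed minimal PNG: signature + IHDR + IEND, no image data."""
    def chunk(ctype, data):
        crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
        return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)
    ihdr = struct.pack(">IIBBBBB", width, height, 8, 2, 0, 0, 0)   # 8-bit RGB, no interlace
    return b"\x89PNG\r\n\x1a\n" + chunk(b"IHDR", ihdr) + chunk(b"IEND", b"")


def build_sample():
    """Constructed image: 20 bytes padding, gzip member, 7 null bytes, PNG, 5 trailing bytes."""
    return (b"A" * 20 + gzip.compress(SECRET, mtime=0) + b"\x00" * 7
            + make_png(640, 480) + b"\xff" * 5)


if __name__ == "__main__":
    blob = build_sample()
    for off, name in scan(blob):
        if name == "gzip":
            payload, end = carve_gzip(blob, off)
            print("%6d gzip member ending at %d: %r" % (off, end, payload))
        elif name == "png":
            print("%6d PNG %dx%d" % ((off,) + parse_png_ihdr(blob, off)))
```

The end offset returned by carve_gzip is what lets a scanner resume after the member instead of re-reporting signatures that happen to occur inside compressed data, and the CRC check on IHDR is the cheap validation that separates a real PNG from four lucky bytes.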

Cryptography

  • sagemath: is mathematical software with features covering many aspects of mathematics, including algebra, combinatorics, numerical mathematics, number theory, and calculus.
  • pycrypto: This is a collection of both secure hash functions (such as SHA256 and RIPEMD160) and various encryption algorithms (AES, DES, RSA, ElGamal, etc.). The package is structured to make adding new modules easy. Caveat: PyCrypto itself is no longer maintained; install PyCryptodome instead, a maintained drop-in replacement that exposes the same Crypto package.
  • openssl: OpenSSL is a general purpose cryptography library that provides an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. Its openssl command-line tool is the quickest way to inspect keys and certificates (openssl rsa -in key.pem -text -noout, openssl x509 -in cert.pem -text -noout) and to run ciphers and digests by hand.
  • FeatherDuster: is a tool used for breaking crypto which tries to make the process of identifying and exploiting weak cryptosystems as easy as possible.

General tools

  • python: Python is a widely used high-level, general-purpose, interpreted, dynamic programming language. Its design philosophy emphasizes code readability.
  • z3: Z3 is an SMT solver (theorem prover) from Microsoft Research. Through its Python bindings it is the usual way to solve the constraint systems that reverse-engineering challenges reduce to, e.g. recovering an input that a key-check routine accepts.
  • slack: Slack brings all your communication together in one place. It's real-time messaging, archiving and search for modern teams.
  • virtual box: VirtualBox is a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use. Not only is VirtualBox an extremely feature rich, high performance product for enterprise customers, it is also the only professional solution that is freely available as Open Source Software.

Note: This list is by no means comprehensive; it is the basic set of tools one should have ready for any CTF. Of course, specific problem domains may require specialized tools.

Informative Write-ups

  • Pico2014 CTF: Well documented write-ups, going from easy to advanced

Other Awesome CTF LISTS

  • awesome ctf: Very well curated CTF list with tools, write-ups, exercises, tutorials...
