All about CTF

angr

 https://angr.io/

Python | Reverse Engineering | Tools

angr is a Python framework for analyzing binaries. It combines both static and dynamic symbolic ("concolic") analysis, making it applicable to a variety of tasks.


AVR Instruction Set

 https://www.microchip.com/webdoc/avrassembler/avrassembler.wb_instruction_list.html

Cheatsheet | Datasets

This website provides reference documentation of the AVR instruction set, which is used for Arduino boards.


Binary Ninja Cloud

 https://cloud.binary.ninja/

Reverse Engineering | Tools

The cloud version of Binary Ninja allows free reversing in the cloud. It has a real-time collaboration feature.


binwalk

 https://github.com/ReFirmLabs/binwalk

Tools

Binwalk is a binary file analysis tool. It works by traversing a file and looking for potentially embedded files. These embedded files can also be extracted.


CTF Challenge Search

 https://ctf.courgettes.club/

Datasets

Search for CTF challenges by language or topic of the challenge.


CyberChef

 https://gchq.github.io/CyberChef/

Tools

The CyberChef is a website which provides many recipes and makes it easy to combine them. The recipes are small input/output steps, similar to UNIX tools, and cover a large area of topics, like data formats, encoding, encryption, networking, hashing, compression, etc. The main use case is making it easier in CTFs to chain simple operations together like processing encoded text.


Debin: Predicting Debug Information in Stripped Binaries

 https://debin.ai

Reverse Engineering | Tools

Debin is a tool to predict the debug information of stripped binaries. It only works reliably with C programs, as this is the only dataset it was trained on. It might be useful to use the website for jeopardy CTFs.


DEF CON CTF Archive

 https://archive.ooo/

Datasets

The website provides a playable archive of old DEFCON challenges. The challenges are tagged by category and by original CTF.

The files are available on GitHub.


dnsteal DNS Exfiltration Tool

 https://github.com/m57/dnsteal

DNS | Tools

dnsteal provides a fake DNS server and encodes a file into a series of DNS requests. The fake DNS server then reassembles the file. This can be used to hide the file exfiltration as DNS traffic. However, since it doesn't use the default DNS server, it is quite noisy.


Driftnet

 https://github.com/deiv/driftnet

Networks | Tools

Driftnet watches network traffic and picks out JPEG and GIF images for display.


Ghidra

 https://ghidra-sre.org/

Reverse Engineering | Tools

Ghidra is a software reverse engineering (SRE) framework and an IDA Pro alternative.


Godbolt Compiler Explorer

 https://godbolt.org/

Tools | x86

The Godbolt compiler explorer allows the user to compile a function and see the corresponding assembly code. It can highlight matching parts in the language and assembly, making it easy to understand how individual expressions are compiled. It supports common languages like C, C++, Go, Rust. It can also work with assembler and LLVM IR.

Another nice feature is that it can show statistics about assembler code, like needed cycles, instructions, and which resources the instructions need. This uses the LLVM Machine Code Analyzer.


Image Metadata Viewer

 http://exif.regex.info/exif.cgi

Tools

The online Image Metadata Viewer shows the EXIF information from uploaded files or files by URL. It supports a wide range of metadata, such as XMP, EXIF, IPTC, and MakerNotes.


John the Ripper

 https://github.com/openwall/john

Hashes | Passwords | Tools

John the Ripper is THE tool to brute force passwords and password hashes. It is very fast at calculating hashes, with support for GPU acceleration, and supports a wide range of different hash formats.


libc Database Search

Datasets | Reverse Engineering

Online interfaces to find a libc database by function offsets. They are powered by the libc-database repository.


Linux System Call Table

Cheatsheet | Datasets | x86

These websites provide an overview of the Linux system call interface by listing the syscall numbers, their meanings, and their arguments.


List of Default Passwords

 https://default-password.info/

Datasets | Passwords

The website features a large list of default passwords found in routers and IoT devices. The data is sorted by manufacturer and can be searched.


Online Dis-Assembler

 https://defuse.ca/online-x86-assembler.htm

Tools | x86

Website allowing assembly and disassembly of x86 and x64 code.


Online Disassembler

 https://onlinedisassembler.com/odaweb/

Reverse Engineering | Tools | x86

The online disassembler can disassemble a wide range of binary formats and platforms. It can disassemble free-standing bytes too. It provides a disassembly view, a graph view, a symbols viewer, and a function viewer.


Online Hash Crackers

Datasets | Hashes | Passwords

These websites have access to large rainbow tables and allow quick access to known weak hashes.


Over The Wire: Wargames

 https://overthewire.org/wargames/

Datasets | Tools

With its wargames, Over The Wire provides many different challenges for learning exploitation of different things. There are different wargames based on skill and required tooling. In each level the user has to retrieve a flag to proceed to the next level.


OWASP Amass

 https://github.com/OWASP/Amass

DNS | Tools

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the information is then used to build maps of the target networks.


preeny

 https://github.com/zardus/preeny

Tools

preeny helps with pwning binaries by disabling many annoying functions such as random or alarm. It does so by providing different LD_PRELOAD-able libraries for those library functions.


Privilege Escalation Cheatsheet (Vulnhub)

 https://github.com/Ignitetechnologies/Privilege-Escalation

Datasets

The repo contains a curated list of various ways to perform privilege escalation. It is sorted by different attack vectors.


pwntools

 https://pwntools.readthedocs.io/en/stable/

Tools

pwntools is one of THE Python tools needed during a CTF. It is useful for both jeopardy and attack-defense CTFs. It provides common abstractions, like connecting to a local or remote program and simplifying I/O. Additionally, it provides helpers for many exploitation techniques, such as ROP, shellcode, and leaking memory.


RsaCtfTool

 https://github.com/Ganapati/RsaCtfTool

Certificates | Tools

The RsaCtfTool is a tool for working with RSA keys. The main focus lies in a wide range of known attacks which are implemented and easy to use with it. This makes it suitable for CTFs, especially Jeopardies.


Run Foreign-Architecture Docker Containers

 https://npmccallum.gitlab.io/post/foreign-architecture-docker/

Docker | Tools

Sometimes it is necessary to run Docker containers for a different CPU architecture. This Docker container makes it possible to run other Docker containers with a different architecture. It works by using binfmt_misc, a Linux kernel feature to run files with interpreters, and installs qemu binaries for different architectures.


snidump

 https://github.com/kontaxis/snidump

Networks | Tools

This is a tcpdump-like program for printing TLS SNI and HTTP/1.1 Host fields in live or captured traffic.


Solve Crypto with Force!

 https://scwf.dima.ninja/

Tools

The website offers a large variety of crypto implementations which can be tested. It is helpful to solve unknown crypto challenges during CTFs. It is similar in concept to the CyberChef, but only for crypto.


Vulnerable (Docker) Containers

 https://vulnerablecontainers.org/

Datasets | Docker

The website lists Docker containers from Docker Hub with known vulnerabilities in them. The top 1000 Docker containers from Docker Hub are regularly scanned with Trivy and the results reported here.

A similar tool to scan for vulnerable containers is Clair scanner.


x86 Instruction Set

Datasets | Cheatsheet | x86

These websites provide reference documentation of the x86 instruction set: