All about CTF







CyberChef

https://gchq.github.io/CyberChef/

CTF | Tool

The CyberChef is a website which provides many recipes and makes it easy to combine them. The recipes are small input/output steps, similar to UNIX tools, and cover a large area of topics, like data formats, encoding, encryption, networking, hashing, compression, etc. The main use case is making it easier in CTFs to chain simple operations together, like processing encoded text.






Dogbolt Decompiler Explorer

https://dogbolt.org/

CTF | Tool | x86

Dogbolt is an online interactive decompiler explorer. A binary can be uploaded and the decompiled C-like output of multiple decompilers compared. The website collects all uploaded binaries, so be wary of which files to upload. The big advantage of the website is having so many available decompilers (angr, Binary Ninja, Boomerang, Ghidra, IDA Pro, REC Studio, Reko, RetDec, Snowman). A downside is that no alterations to the decompilation are possible, for example, to provide function signatures.




Godbolt Compiler Explorer

https://godbolt.org/

CTF | Tool | x86

The Godbolt compiler explorer allows the user to compile a function and see the corresponding assembly code. It can highlight matching parts in the language and assembly, making it easy to understand how individual expressions are compiled. It supports common languages like C, C++, Go, Rust. Furthermore, it can also work with assembler and LLVM IR.

Another nice feature is, that it can show statistics about assembler code, like needed cycles, instructions, and which resources the instructions need. This uses the LLVM Machine Code Analyzer.




Linux System Call Table

CTF | Cheatsheet | Dataset | x86

These websites provided an overview of the Linux systemcall interface by listing the syscall numbers, their meanings, and their arguments.



OWASP Amass

https://github.com/owasp-amass/amass

CTF | DNS | Tool

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated net blocks and ASNs. All the information is then used to build maps of the target networks.







Reverse Shell Generator

https://www.revshells.com/

CTF | Tool

The website provides a generator for quickly configuring a reverse shell. After entering an IP address and port number, the website shows code snippets for many languages. It also provides the option to create bind shells or use the metasploit framework.












how2heap: Educational Heap Exploitation

https://github.com/shellphish/how2heap

CTF | Tutorial

This repo is for learning various heap exploitation techniques. We use Ubuntu's Libc releases as the gold-standard. Each technique is verified to work on corresponding Ubuntu releases. You can run apt source libc6 to download the source code of the Libc you are using on Debian-based operating system. You can also click ⏵ to debug the technique in your browser using gdb.

Besides the heap exploitation examples the repo also contains references to helpful tools and further information about heap exploitation.



preeny

https://github.com/zardus/preeny

CTF | Tool

preeny helps pwning binaries by disabling many annoying functions, such as random or alarm. It does so by providing different LDPRELOAD-able libraries for those library functions.


pwntools

https://pwntools.readthedocs.io/en/stable/

CTF | Tool

pwntools is one of THE Python tools needed during a CTF. It is useful for both jeopardy and attack-defense CTFs. It provides common abstractions, like connecting to a local or remote program, and simplifying I/O. Additionally, it provides helpers for many exploitation techniques, such as ROP, shellcode, and leaking memory.