Tools and Resources to Prepare for a Hacker CTF Competition or Challenge. CTF or Capture the Flag is a traditional competition or war game in any hacker conferences like DEFCON, ROOTCON, HITB and some hackathons. CTF games are usually categorized in the form of Attack and Defend Style, Exploit Development, Packet Capture Analysis, Web Hacking, Digital Puzzles, Cryptography, Stego, Reverse Engineering, Binary Analysis, Mobile Security, etc. As the author of n. CTF Labs, I decided to create a cheat sheet for the tools and resources you may want to use if ever you are planning to participate in a CTF challenge or competition CTF Competitions on Hacker Conferences or Gatherings and Wargames. DEFCON CTF one of the most prestigious and challenging CTF ever in DEFCON which is currently organized by Legitimate Business Syndicatepico. CTF a CTF targeted for middle and high school students. Ghost in the Shellcode an annual CTF which is hosted in Shmoo. Con Hacker Convention. ROOTCON Campus Tour CTF is the first ever inter university CTF challenge in the Philippines which is a open to all college students. ROOTCON CTF is the official CTF of ROOTCON Hacker Conference. CSAW CTF by NYU Policy. HSCTF known to be the first CTF made by high school students and for high school students. Athena Medical Billing Software Login. UCSB i. CTF the UCSB International Capture The Flag is organized by Prof. Giovanni Vigna of the Department of Computer Science at UCSB, and is held once a year usually at the beginning of December, but it has been rescheduled a few timesInfosec Institute CTF our very own CTF Labs. Smash the Stack a war gaming network which simulates software vulnerabilities and allows for the legal execution of exploitation techniques. Over. The. Wire another war gaming network. Embedded Security CTFDef. Camp CTF the official CTF of DEFCAMPHITCON CTFTrend Micro CTF Asia Pacific Japan a CTF event hosted by Trend Micro. More upcoming events are in CTF TimeCTF Guides and Resources. Ethical Hacking Training Resources Info. SecCTF Frameworks or All In One Tools for CTFPwn. Tools a CTF framework and exploit development library used by Gallopsled in every CTFctf tools a Github repository of open source scripts for your CTF needs like binwalk and apktool. Metasploit Framework aside from being a penetration testing framework and software, Metasploit has modules for automatic exploitation and tools for crafting your exploits like findbadchars. ROPgadget used for ROP exploitation. Peda Python Exploit Development Assistance for GDBGoogle where you can ask some questions. Reverse Engineering Tools, Decompilers and Debuggers. Immunity Debugger a debugger similar to Olly. Dbg that has some cool plugins with the use of Python. Olly. Dbg the most disassembly based and GUI debugger for Windows. SWFScan allows you to decompile Flash filesgdb GNU Debugger. IDA Pro Windows, Linux or Mac OS X hosted multi processor disassembler and debugger. Win. Dbg Windows Debugger distributed by Microsoft. Apktool a tool for reversing Android apk files. Live Cd Hacker Tools' title='Live Cd Hacker Tools' />PE Tool provide a handful of useful tools for working with Windows PE executables. UPX Ultimate Packer for e. Xecutablesdex. 2jar AndroidRadare. Unix like reverse engineering framework and commandline tools. Strace a system call tracer and another debugging tool. CTF or Capture the Flag is a traditional competition or war game in any hacker conferences like DEFCON, ROOTCON, HITB and some hackathons. CTF games are usually. Distribution Alternatives to live CD creation File saving Application saving Boot methods Fedora 9 Netinstaller downloads an ISO image and makes USB, UNetbootin. Are you a coder or whitehat hacker looking to make some money on the side Bug bounty hunting might be the perfect gig for you. Biggest list of free hacking tools for you to hack proficiently. The latest craze among Millennials is the old school TV antennaat least according to a piece last month in The Wall Street Journal. Combined with standalone. Objdump part of GNU Binutils. PEID used to determine if any obfuscator was used to pack the executable file. The open source packer that is often used is the UPX packer. Tools for Static Code Analysis. RIPS a static code analyzer for auditing vulnerabilities in PHP applications. HP Fortify Static Code Analyzer also known as Fortify SCA which is a commercial software that is a multi language auditor for vulnerabilities. OWASP Code Crawler a static code review tool for. NET and J2. EEJAVA code which supports the OWASP Code Review Project. OWASP LAPSE Project security auditing tool for detecting vulnerabilities in Java EE Applications. Flawfinder a static source code analyzer that examines CC source code and reports possible security weaknesses. Forensics. Strings allows you to search and extract ASCII and UNICODE strings from a binary. Clash-of-Clans-RH10-fast-Max-Namensanderung-_57.jpg' alt='Live Cd Hacker Tools' title='Live Cd Hacker Tools' />SANS SIFT SANS Investigative Forensic Toolkit SIFT is an Ubuntu Live CDPro. Discover Basic evidence analyzer and data imaging tool. Volatility memory forensics framework. The Sleuth Kit open source digital forensics tool. FTK Imager data preview and imaging tool. IPhone Analyzer used for i. Phone Forensics but only supports i. OS 2, i. OS 3, i. OS 4 and i. OS 5 devices. Xplico network forensics tool. Binwalk firmware analysis tool which allows you to extract the firmware image. Exif. Tool a platform independent Perl library plus a command line application for reading, writing and editing meta information in a wide variety of file formats like EXIF, GPS, IPTC, XMP, JFIF, Geo. TIFF, ICC Profile, Photoshop IRB, Flash. Pix, AFCP and ID3, as well as the maker notes of many digital cameras by Canon, Casio, FLIR, Fuji. Film, GE, HP, JVCVictor, Kodak, Leaf, MinoltaKonica Minolta, Nikon, Nintendo, OlympusEpson, PanasonicLeica, PentaxAsahi, Phase One, Reconyx, Ricoh, Samsung, Sanyo, SigmaFoveon and Sonydd a command line utility for Unix and Linux which allows you to copy and convert files. CAINE Computer Aided INvestigative Environment is a Live GNULinux distribution which is aimed for digital forensics. Autopsy GUI to the command line digital investigation analysis tools in The Sleuth Kit. Any Hex Editors will do. DEFT Linux Digital Evidence Forensics Toolkit Linux distribution. Windows Sysiternals consist of Windows system utilities that contain various useful programs. Crypto. Hashdump. Sage. John The Ripper is a free and fast password cracker available for many flavors of Unix, Windows, DOS, Be. OS, and Open. VMSCryptool open source e learning tool illustrating cryptographic and cryptanalytic conceptscrypo. CTF competitions have this website opened while playing. Steganography. Steghide a stega tool that can be used for embedding or extracting data in various kinds of image and audio files. Ffmpeg cross platform software to record, convert and stream audio and video. Gimp GNU Image Manipulation Program. Audacity free audio auditor and recorder. Stepic python image steganography. Pngcheck PNG tester and debugger which verifies the integrity of PNG, JNG and MNG files by checking the internal 3. CRCs checksums and decompressing the image dataOpen. Stego free steganography solution. Out. Guess. Steg. FSMP3. Stego allows you to hide text in MP3 files. Atomic. Parsley command line program for reading, parsing and setting metadata into MPEG 4 files. Foremost a console program used for file recovery. For Web Vulnerability Hunting or Web Exploitation. Burp Suite commonly used for web application security testing and usually for finding manual web vulnerabilities which has an intercepting proxy and customizable plugins. OWASP ZAP an Open Web Application Security Project similar to Burp but free and open source. WPScan a blackbox Word. Press Vulnerability Scanner. W3af open source web application security scanner. OWASP Dirbuster directory bruteforce or discovery tool. Bizploit open source ERP Penetration Testing framework. Networkingaircrack ng Suite an open source WEPWPAWPA2 cracking tool which is usually bundled in most pentesting distributionsreaver Wi. Fi Protected Setup attacker tool. Kismet 8. 02. 1. Pixiewps a tool used to bruteforce offline the WPS pin exploiting the low or non existing entropy of some APs pixie dust attackNmap an open source port scanner which has plugins for vulnerability assessment and net discovery. Wireshark network sniffer and network protocol analyzer for Unix and Windows. Netcat the TCPIP swiss army. Captipper a python tool to analyze, explore, and revive HTTP malicious traffic. Scapy a powerful interactive packet manipulation program.