Tools

Here are some tools that might be of use to solve various challenges, more will be added soon...

Additionally we would higly recommend checking out CTF resources like CTF101 to get an introduction to different topics you might encounter.

Ghidra

A powerful reverse engineering tool developed by the NSA, Ghidra enables deep binary analysis by decompiling executables, supporting multiple architectures, and providing advanced code visualization capabilities.

pwndbg and GEF

Advanced GDB debugging plugins that transform the debugging experience with enhanced visual interfaces, real-time register tracking, and simplified exploit development workflows.

Burp Suite and Postman

Web application security and API testing platforms for intercepting, analyzing, and manipulating HTTP/HTTPS requests during web-based CTF challenges.

pwntools

Comprehensive Python library specifically designed for binary exploitation, providing utilities for remote process interaction, shellcode generation, and rapid exploit development.

Wireshark

Network protocol analyzer for detailed packet inspection, supporting hundreds of protocols and critical for network forensics and traffic analysis challenges.

VirtualBox and Docker

Virtualization solutions for creating isolated testing environments, with VirtualBox offering full virtual machines and Docker providing lightweight, reproducible container deployments.

SageMath

Mathematical software system ideal for cryptography and number theory challenges, built on Python with advanced computational capabilities. We recommend 3 possible approaches to downloading it:

• Using Conda on Linux/WSL2
• Using Homebrew on Mac
• Deploy in docker container

Building from source has proven to be overly time consuming and unreliable.

IDA Free

Professional-grade disassembler and debugger used extensively in reverse engineering, offering advanced static and dynamic analysis tools.

Radare2

Open-source reverse engineering framework supporting multiple architectures, providing powerful binary analysis and debugging capabilities.

CyberChef

Web-based encryption, encoding, and data transformation tool perfect for cryptography and steganography challenges.

Volatility

Memory forensics framework for analyzing system memory dumps, critical for forensic and memory-based CTF challenges.

NMAP

Network discovery and security auditing tool for port scanning, service detection, and network reconnaissance.

John the Ripper

Password cracking tool designed to test password strength and break cryptographic hashes across various algorithms.

Binwalk

Firmware analysis tool for extracting and analyzing embedded file systems, particularly useful in reverse engineering challenges.