Getting Started with CTFs

CTF Competitions

• DEFCON CTF
• picoCTF
• Ghost in the Shellcode
• ROOTCON Campus Tour CTF
• ROOTCON CTF
• CSAW CTF
• HSCTF
• UCSB iCTF
• Smash the Stack
• Embedded Security CTF
• DefCamp CTF
• HITCON CTF

CTF Guides and Resources

• Trail of Bits CTF Guide – one of the best guides for newbies
• Practice CTF List / Permanent CTF List – a good collection and resource of CTFs that are long-running
• Awesome CTF – a curated list of Capture The Flag (CTF) frameworks, libraries, resources and software
• Vulnhub – vulnerable machines you can practice or for your pentest laboratory
• CTF Resources – a repository and an archive of general topics for CTF and is somehow the same with Trail of Bits CTF Guide
• Reddit’s securityCTF – securityCTF
• Forensics Wiki – computer forensics

CTF Frameworks or All-In One Tools for CTF

• PwnTools – a CTF framework and exploit development library used by Gallopsled in every CTF
• ctf-tools – a Github repository of open source scripts for your CTF needs like binwalk and apktool
• Metasploit Framework – aside from being a penetration testing framework and software, Metasploit has modules for automatic exploitation and tools for crafting your exploits like find_badchars.rb, egghunter.rb, patter_offset.rb, pattern_create.rb, etc.
• ROPgadget – used for ROP exploitation
• Peda – Python Exploit Development Assistance for GDB
• Google – where you can ask some questions

Reverse Engineering Tools, Decompilers and Debuggers

• Immunity Debugger – a debugger similar to OllyDbg that has some cool plugins with the use of Python
• OllyDbg – the most disassembly-based and GUI debugger for Windows
• SWFScan – allows you to decompile Flash files
• gdb – GNU Debugger
• IDA Pro – Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
• WinDbg – Windows Debugger distributed by Microsoft
• Apktool – a tool for reversing Android apk files
• PE Tool – provide a handful of useful tools for working with Windows PE executables
• UPX – Ultimate Packer for eXecutables
• dex2jar (Android)
• Radare2 – Unix-like reverse engineering framework and commandline tools
• Strace – a system call tracer and another debugging tool
• Objdump – part of GNU Binutils
• PEID – used to determine if any obfuscator was used to pack the executable file. The open source packer that is often used is the UPX packer

Tools for Static Code Analysis

• RIPS – a static code analyzer for auditing vulnerabilities in PHP applications
• HP Fortify Static Code Analyzer – also known as Fortify SCA which is a commercial software that is a multi-language auditor for vulnerabilities
• OWASP Code Crawler – a static code review tool for .NET and J2EE/JAVA code which supports the OWASP Code Review Project
• OWASP LAPSE Project – security auditing tool for detecting vulnerabilities in Java EE Applications
• Flawfinder – a static source code analyzer that examines C/C++ source code and reports possible security weaknesses

Forensics

• Strings – allows you to search and extract ASCII and UNICODE strings from a binary
• SANS SIFT – SANS Investigative Forensic Toolkit (SIFT) is an Ubuntu Live CD
• ProDiscover Basic – evidence analyzer and data imaging tool
• Volatility – memory forensics framework
• The Sleuth Kit – open source digital forensics tool
• FTK Imager – data preview and imaging tool
• IPhone Analyzer – used for iPhone Forensics but only supports iOS 2, iOS 3, iOS 4 and iOS 5 devices
• Xplico – network forensics tool
• Binwalk – firmware analysis tool which allows you to extract the firmware image
• ExifTool – a platform-independent Perl library plus a command-line application for reading, writing and editing meta information in a wide variety of file formats like EXIF, GPS, IPTC, XMP, JFIF, GeoTIFF, ICC Profile, Photoshop IRB, FlashPix, AFCP and ID3, as well as the maker notes of many digital cameras by Canon, Casio, FLIR, FujiFilm, GE, HP, JVC/Victor, Kodak, Leaf, Minolta/Konica-Minolta, Nikon, Nintendo, Olympus/Epson, Panasonic/Leica, Pentax/Asahi, Phase One, Reconyx, Ricoh, Samsung, Sanyo, Sigma/Foveon and Sony
• dd – a command line utility for Unix and Linux which allows you to copy and convert files
• CAINE – Computer Aided INvestigative Environment is a Live GNU/Linux distribution which is aimed for digital forensics
• Autopsy – GUI to the command line digital investigation analysis tools in The Sleuth Kit
• Any Hex Editors will do
• DEFT Linux – Digital Evidence & Forensics Toolkit Linux distribution
• Windows Sysiternals – consist of Windows system utilities that contain various useful programs

Crypto

• Hashdump
• Sage
• John The Ripper – is a free and fast password cracker available for many flavors of Unix, Windows, DOS, BeOS, and OpenVMS
• Cryptool – open source e-learning tool illustrating cryptographic and cryptanalytic concepts
• crypo.in.ua – online decoder and encoder for crypto and most people who are joining CTF competitions have this website opened while playing

Steganography

• Steghide – a stega tool that can be used for embedding or extracting data in various kinds of image and audio files
• Ffmpeg – cross-platform software to record, convert and stream audio and video
• Gimp – GNU Image Manipulation Program
• Audacity – free audio auditor and recorder
• Stepic – python image steganography
• Pngcheck – PNG tester and debugger which verifies the integrity of PNG, JNG and MNG files (by checking the internal 32-bit CRCs [checksums] and decompressing the image data)
• OpenStego – free steganography solution
• OutGuess
• StegFS
• MP3Stego – allows you to hide text in MP3 files
• AtomicParsley – command line program for reading, parsing and setting metadata into MPEG-4 files
• Foremost – a console program used for file recovery

For Web Vulnerability Hunting or Web Exploitation

• Burp Suite – commonly used for web application security testing and usually for finding manual web vulnerabilities which has an intercepting proxy and customizable plugins
• OWASP ZAP – an Open Web Application Security Project similar to Burp but free and open source
• WPScan – a blackbox WordPress Vulnerability Scanner
• W3af – open source web application security scanner
• OWASP Dirbuster – directory bruteforce or discovery tool
• Bizploit – open source ERP Penetration Testing framework

Networking

• aircrack-ng Suite – an open source WEP/WPA/WPA2 cracking tool which is usually bundled in most pentesting distributions
• reaver – WiFi Protected Setup attacker tool
• Kismet – 802.11 layer2 wireless network detector, sniffer, and intrusion detection system
• Pixiewps – a tool used to bruteforce offline the WPS pin exploiting the low or non-existing entropy of some APs (pixie dust attack)
• Nmap – an open source port scanner which has plugins for vulnerability assessment and net discovery
• Wireshark – network sniffer and network protocol analyzer for Unix and Windows
• Netcat -the TCP/IP swiss army
• Captipper – a python tool to analyze, explore, and revive HTTP malicious traffic
• Scapy – a powerful interactive packet manipulation program

For Your Protection in Attack in Defend

• Snort – lightweight and free network intrusion detection system for UNIX and Windows
• Iptables
• Any Antivirus and Two-Way firewall will do
• Chellam – Wi-Fi IDS/Firewall for Windows which detect Wi-Fi attacks, such as Honeypots, Evil Twins, Mis-association, and Hosted Network based backdoors etc., against a Windows based client without the need of custom hardware or drivers
• peepdf – Python tool to explore PDF files in order to find out if the file can be harmful or not
• Android IMSI-Catcher Detector – Android app for detecting IMSI-Catchers

Some Linux Distributions Ideal for CTF

• Santoku Linux – GNU/Linux distribution or distro designed for helping you in every aspect of your mobile forensics, mobile malware analysis, reverse engineering and security testing needs
• Kali Linux – a fully packed penetration testing Linux distribution based on Debian
• BackBox Linux – a simplistic penetration testing distro based on Ubuntu
• CAINE – Computer Aided I

• Nvestigative Environment is a Live GNU/Linux distribution which is aimed for digital forensics
• DEFT Linux – Digital Evidence & Forensics Toolkit Linux distribution