NOTE: I do not own these tools nor do I claim to. This is just a place to store tools I find useful to use on CTF events. If you are unsure how to use a tool listed below or one you found: Remember to use the -h command on a tool or read the man page. Links provided at the time are to the legitmate website, but always take precautions when clicking.
- Network scanning tools
- Reverse Engineering Tools
- OSINT Tools
- Netcat: Unix tool that reads and writes data across network connections using TCP or UDP protocol. [Taken from Kali Linux's tool page] URL: https://github.com/lanmaster53/recon-ng
- Note Taking Applications - Linux/Windows/Apple
- hashid: Run this to check a hash that you obtain to tell what it is. This will help to avoid having to bruteforce with hashcat/johntheripper.
- pdfinfo: Allows you to see all of the metadata on a PDF
- QRCode Tools
- strace - (edit this later with details)
- C2 tools (Note: I do not own these, but use them for CTFs when needed. Found these out from someone and going to try them in an upcoming CTF if able.):
- Binwalk: Analyzing, reverse engineering, & extracting firmware images URL: https://github.com/ReFirmLabs/binwalk?tab=readme-ov-file (Note: This is also installed on Kali linux by default)
- strace - Review the github for the most information, but related to ptrace. URL: https://github.com/strace/strace
- Recon-ng: Osint tool you link API keys to get information from social media sites on a company or person. NOTE: You will need to add your own API keys as they do not provide that.
- Exiftool: ExifTool is used to read and write metadata in various file types, such as JPEG images [Description taken from TryHackMe]. Also helps with OSINT as you can take the coordinates of the image to track down where it was taken.URL: https://github.com/exiftool/exiftool
- CherryTree - Linux: Note taking tool that is built into Kali linux. Useful to keep notes for your CTF. Worth installing on any linux system. URL: https://github.com/giuspen/cherrytree/releases
- Obsidian - Windows/Apple/Linux URL: https://obsidian.md/
- QRCodeRaptor - This allows you to upload QR codes or use your built in camera to scan a QR Code. It's a safe way to scan vs using your phone. Can be used in a real life case or CTF. URL: https://qrcoderaptor.com/
- Sliver (No GUI) - URL: https://github.com/BishopFox/sliver
- Havoc (Has GUI) - URL: https://github.com/HavocFramework/Havoc