/CTF-Helpful-Notes

Storing things that would help on CTFs

CTF-Notes - Storing tools/links that would help on CTFs. WIP

NOTE: I do not own these tools nor do I claim to. This is just a place to store tools I find useful to use on CTF events. If you are unsure how to use a tool listed below or one you found: Remember to use the -h command on a tool or read the man page. Links provided at the time are to the legitmate website, but always take precautions when clicking.

Tools

  • Network scanning tools
      • Nmap: https://github.com/nmap/nmap
  • Reverse Engineering Tools
      • Binwalk: Analyzing, reverse engineering, & extracting firmware images URL: https://github.com/ReFirmLabs/binwalk?tab=readme-ov-file (Note: This is also installed on Kali linux by default)
      strace - Review the github for the most information, but related to ptrace. URL: https://github.com/strace/strace
  • OSINT Tools
      • Recon-ng: Osint tool you link API keys to get information from social media sites on a company or person. NOTE: You will need to add your own API keys as they do not provide that.
      Exiftool: ExifTool is used to read and write metadata in various file types, such as JPEG images [Description taken from TryHackMe]. Also helps with OSINT as you can take the coordinates of the image to track down where it was taken.URL: https://github.com/exiftool/exiftool
  • Netcat: Unix tool that reads and writes data across network connections using TCP or UDP protocol. [Taken from Kali Linux's tool page] URL: https://github.com/lanmaster53/recon-ng
  • Note Taking Applications - Linux/Windows/Apple
      • CherryTree - Linux: Note taking tool that is built into Kali linux. Useful to keep notes for your CTF. Worth installing on any linux system. URL: https://github.com/giuspen/cherrytree/releases
      Obsidian - Windows/Apple/Linux URL: https://obsidian.md/
  • hashid: Run this to check a hash that you obtain to tell what it is. This will help to avoid having to bruteforce with hashcat/johntheripper.
  • pdfinfo: Allows you to see all of the metadata on a PDF
  • QRCode Tools
      • QRCodeRaptor - This allows you to upload QR codes or use your built in camera to scan a QR Code. It's a safe way to scan vs using your phone. Can be used in a real life case or CTF. URL: https://qrcoderaptor.com/
  • strace - (edit this later with details)
  • C2 tools (Note: I do not own these, but use them for CTFs when needed. Found these out from someone and going to try them in an upcoming CTF if able.):
      • Sliver (No GUI) - URL: https://github.com/BishopFox/sliver
      Havoc (Has GUI) - URL: https://github.com/HavocFramework/Havoc