1 of 1

Best Tooling For CTF

In addition a knowledge of basic Linux commands, access to the following tools (or equivalent tools) are recommended as preparation for an entry level Capture-the-Flag (CTF) competition. Use what ever works for you!

General Competition Tools:
- B asic Linux Commands
- Kali Linux
- Google Chrome SSH – Lightweight SSH Browser addon:
- Number / Text Conversion Tools:
  - Number Converter ( Binary, Octal, Decimal, Hex)
  - Hex to ASCII (text)
  - Binary to Text
  - Text to Numbers (Hex, Decimal, Binary)
  - Base64 (Text, Hex, Video, Audio, etc. )
  - Base2-Base36 – Base2 to Base36 Converter
Open Source Intelligence:
- Google, Google Maps, Google Dorks (operators)
- whois.domaintools.com – Domain owners, name servers info, IP addresses
- www.robtex.com – Host name, IP , DNS and registry information
- Jeffrey’s Image Meta Data Viewer – Image Meta Data info
Steganography Tools:
- StegOnline – web-based open-source port of StegSolve.
- Hex Editor – browser based hex editor
- ‘strings‘ – Linux command to view visible text characters
- ‘binwalk‘ – Linux command to extract embedded files and executables
- Digital Invisible Ink Toolkit – hide/extract files from inside an image
- Steghide – open source steganography software (Linux)
- Stegosuite – a free steganography tool written in Java (Linux).
- pngcheck – look for/correct broken chunks.
- GeorgeOM.net – Geo Explore Colour & Bit Planes (Go to “Browse Bit Planes”)
Crytography Decoders:
- XOR Decorder – Calculate exclusive ‘OR’ operation
- Caesar Cipher – Shift Cipher
- ROT13 – Shift Cipher
- A1Z26 – Replace Letters with Numbers
- Vigenere Cipher (requires a key)
- Atbash Cipher (simple)
- Vernan (One-time Pad)
- Rail Fence Cipher (ZigZag)
Password Cracking:
1. Hash-Identifier – Identifies hash type (Kali)
2. Hashcat – HASH cracking tool (Kali)
3. Crackstation – Browser based Hash Cracker: (https://crackstation.net/)
4. md5sum – calculates/verifies 128-bit MD5 hashes,
5. John the Ripper – Detect and crack weak PWs (Kali).
6. Rockyou.txt WordList (download) – contains 14m unique PWs (Kali).
Web Exploitation:
1. /robots.txt – lists pages or files that search engines can’t request,
2. Dirbuster – brute force discovery of hidden directories/files (Kali)
3. Development Tools – Browser option use to inspect source and cookies.
4. User Agent Extension – allows browser to switch user agent .
Log Analysis:
- See Basic Linux Commands
Scanning:
1. Nmap – utility for network discovery and auditing
2. Dirbuster – Scan web sites for hidden web pages
3. Metasploit Framework – scan for known vulnerabilities (Kali)
4. Recon-ng – perform recon on remote targets (Kali).
5. W3bin.com – Info on who is hosting a website
Network Traffic Analysis:
1. Wireshark – GUI based traffic capture and analysis tool (Kali, Windows or Mac OS).
2. tcpdump – packet analyzer utility for Linux command line
3. WinDump – Windows version on tcpdump.
4. ngrep – search for strings in network packets
Enumeration and Exploitation:
1. ‘File’ Command – determine a file type (including executables)
2. ‘Strings’ Command – Display text comments in an executable.
3. Hex Editor – view executable for visible text stings
4. ‘xxd -r’ Command – convert a hex dump back to its original binary form
5. Ghidra – reverse engineering tool developed by the NSA
6. Objdump -d – Linux command line dis-assembler
7. Netcat – utility that reads and writes data across network
8. uncompyle6 – translates Python bytecode back into source
9. GDB – Inspect memory w/in the code being debugged
10. Pwntools – a CTF framework and exploit development library.
Wireless Exploitation:
1. Wigle.Net – Wifi info database for hotspots from around the world
2. Kali Linux – Linux suite of cybersecurity tools
3. Wireshark – network packet analysis
4. Aircrack- ng – tools to assess WiFi network security
5. ‘ifconfig‘ command – configure and query TCP/IP network interface parameters
6. Stumbler (set SSID to ANY) active mode (Windows)
7. Kismet : both war-drive and sniffer. Uses passive mode (Linux)

References:

Best Tooling For CTF

General Competition Tools:
- B asic Linux Commands
- Kali Linux
- Google Chrome SSH – Lightweight SSH Browser addon:
- Number / Text Conversion Tools:
  - Number Converter ( Binary, Octal, Decimal, Hex)
  - Hex to ASCII (text)
  - Binary to Text
  - Text to Numbers (Hex, Decimal, Binary)
  - Base64 (Text, Hex, Video, Audio, etc. )
  - Base2-Base36 – Base2 to Base36 Converter
Open Source Intelligence:
- Google, Google Maps, Google Dorks (operators)
- whois.domaintools.com – Domain owners, name servers info, IP addresses
- www.robtex.com – Host name, IP , DNS and registry information
- Jeffrey’s Image Meta Data Viewer – Image Meta Data info
Steganography Tools:
- StegOnline – web-based open-source port of StegSolve.
- Hex Editor – browser based hex editor
- ‘strings‘ – Linux command to view visible text characters
- ‘binwalk‘ – Linux command to extract embedded files and executables
- Digital Invisible Ink Toolkit – hide/extract files from inside an image
- Steghide – open source steganography software (Linux)
- Stegosuite – a free steganography tool written in Java (Linux).
- pngcheck – look for/correct broken chunks.
- GeorgeOM.net – Geo Explore Colour & Bit Planes (Go to “Browse Bit Planes”)
Crytography Decoders:
- XOR Decorder – Calculate exclusive ‘OR’ operation
- Caesar Cipher – Shift Cipher
- ROT13 – Shift Cipher
- A1Z26 – Replace Letters with Numbers
- Vigenere Cipher (requires a key)
- Atbash Cipher (simple)
- Vernan (One-time Pad)
- Rail Fence Cipher (ZigZag)
Password Cracking:
1. Hash-Identifier – Identifies hash type (Kali)
2. Hashcat – HASH cracking tool (Kali)
3. Crackstation – Browser based Hash Cracker: (https://crackstation.net/)
4. md5sum – calculates/verifies 128-bit MD5 hashes,
5. John the Ripper – Detect and crack weak PWs (Kali).
6. Rockyou.txt WordList (download) – contains 14m unique PWs (Kali).
Web Exploitation:
1. /robots.txt – lists pages or files that search engines can’t request,
2. Dirbuster – brute force discovery of hidden directories/files (Kali)
3. Development Tools – Browser option use to inspect source and cookies.
4. User Agent Extension – allows browser to switch user agent .
Log Analysis:
- See Basic Linux Commands
Scanning:
1. Nmap – utility for network discovery and auditing
2. Dirbuster – Scan web sites for hidden web pages
3. Metasploit Framework – scan for known vulnerabilities (Kali)
4. Recon-ng – perform recon on remote targets (Kali).
5. W3bin.com – Info on who is hosting a website
Network Traffic Analysis:
1. Wireshark – GUI based traffic capture and analysis tool (Kali, Windows or Mac OS).
2. tcpdump – packet analyzer utility for Linux command line
3. WinDump – Windows version on tcpdump.
4. ngrep – search for strings in network packets
Enumeration and Exploitation:
1. ‘File’ Command – determine a file type (including executables)
2. ‘Strings’ Command – Display text comments in an executable.
3. Hex Editor – view executable for visible text stings
4. ‘xxd -r’ Command – convert a hex dump back to its original binary form
5. Ghidra – reverse engineering tool developed by the NSA
6. Objdump -d – Linux command line dis-assembler
7. Netcat – utility that reads and writes data across network
8. uncompyle6 – translates Python bytecode back into source
9. GDB – Inspect memory w/in the code being debugged
10. Pwntools – a CTF framework and exploit development library.
Wireless Exploitation:
1. Wigle.Net – Wifi info database for hotspots from around the world
2. Kali Linux – Linux suite of cybersecurity tools
3. Wireshark – network packet analysis
4. Aircrack- ng – tools to assess WiFi network security
5. ‘ifconfig‘ command – configure and query TCP/IP network interface parameters
6. Stumbler (set SSID to ANY) active mode (Windows)
7. Kismet : both war-drive and sniffer. Uses passive mode (Linux)