ctf

Shirajuki’s CTF Resource/Archive

Mostly taken from https://dox.xil.se/ctf/readme.md?raw=true#

Tools

Android reversing

• adb
• Android APK Decompiler Online decompile tool
• apktool APK extractor, uses smali do disassemble dex
• dex2jar Dex to java decompiler, fails sometimes
• jadx-gui Alternative dex to java decompiler, might not fail when dex2jar fails

Binary exploitation / PWN

• Binary tools
  • Online Disassembler
  • ROP shell
  • Binvis
  • binwalk Analyze a blob and find files within
• Binary unpackers
  • Detect It Easy
  • FUU Fast Universal Unpacker
  • PEiD
  • Universal Extractor
• PWNtools
  • binjitsu
  • libc database
  • ROPGadget
  • How to preload libc fakes, implement them and use LD_PRELOAD, but it can be nice to copypaste
  • GDB-PEDA Make GDB great again!
  • radare2
  • ghidra

Ciphers/ Converters and decoders

• lots of cipher decoding
• base64 encoder/decoder
• hex, dec, bin and ascii converter

Code Formatters

• JS Beautifier
• JSON Formatter

Coding/ Learn2code

• CSES
• codechef

Crypto

• numpy powerful number cruncher
• pycrypto various crypto and hash implementations (sha-1, aes, …)
• pynacl python bindings to nacl (elliptic curve etc)
• fastecdsa fast elliptic curve cryptography in python
• Factoring RSA keys
  • factordb online factor tool/database.
  • sympy includes ntheory.factorint() which is the best allround factoring algo. Solves most ctf-cases.
  • yafu includes factor(), not good at pq that are similar for big modulo
  • primefac python module to factor large numbers, works in parallell
  • ECM factorization applet Horrible java applet but it can find p and q fast if they are close.
• quipqiup Substitution cracker
• sagemath I should get sagemath for python3 soon…
• Learning platforms:
  • cryptopals
  • cryptohack

Forensics tools

• Autopsy
• Volatility

Hash

• crackstation Cracks unsalted md5, sha1 etc.
• hashcat Powerful hash cracker
• HashPump Hash length extention attack tool

Markdown

• quick cheatsheet

Mathematics

• Gram-Schmidt
• Quadratic residue and Legendre symbol
• Elliptic Curves
  • Scalar-multiplication
• RSA
  • modular square roots
  • Lattice based attacks on RSA Coppersmith, Boneh Durfee etc
  • Lucas theorem
  • k in RSA

Network tools

• nmap
• Online port scanner
• Reverse IP domain search
• aircrack-ng
• Scapy

OSINT

• Reverse image search
• google image search

Signal decoding

• Digital radio transmission decoder
• PRAAT Used to map sound of keystrokes to keys
• Morse Sound Decoder

SSL tools

• heartleech snoop private key from heartbleed pcap data see writeup.
• python heartbleed

Stegano

• SmartDeblur
• StegOnline
• Stegsolve.jar
• StegCracker
• steghide
• zsteg

Password cracker

• jtr/John The Ripper Password cracker that supports many standard formats (/etc/shadow etc)
• fcrackzip

PRNG

• untwister Can recover seed from various PRNG such as Mersenne Twister, PHP, Ruby.

Web

• SQLMap
• SQLInjections
• XXE

Writeups

RSA

• common divisor