Thursday, October 2, 2014

Useful tools for CTF

I've selected useful and must-have tools for CTF games and computer security competitions. Most of this tools are often indispensable during the games (especially task-based/jeopardy CTF games).
I've combined tools by categories just like in CTF games: Reverse, Steganography, Networking, Forensics, Cryptography, Scripting.
Most of tools are cross-platform, but some of them are only for Windows or Linux.
Here the light and dark editions of cheat sheets/posters with tools:
Утилиты, программы и тулзы для CTF игр
This is the first version of useful CTF tools cheat sheets. I'm planning to update them with new useful tools.
Thanks to shr for a good advice to add the links for tools. Here are the links to the tools from cheat sheets:

Reverse Engineering:
IDA Pro -
Immunity Debugger -
OllyDbg -
radare2 -
Hopper -
nm - unix/linux tool
objdump - linux tool
strace - linux tool
ILSpy -
FFDec -
dex2jar -
uncompyle2 -
Hex editors:
HxD -
Neo -
Bless -
wxHexEditor -
Exe unpackers - Unpacking Kit 2012 -

Wireshark, tshark -
OpenVPN -
OpenSSL -
tcpdump -
netcat -
nmap -

OpenStego -
OutGuess -
SilentEye -
Steghide -
StegFS -
pngcheck -
Audacity -
MP3Stego -
ffmpeg (for video analysis) -

dd - unix/linux tool
strings - unix/linux tool
scalpel -
TrID -
binwalk -
foremost -
ExifTool -
Digital Forensics Framework (DFF) -
Computer Aided INvestigative Environment (CAINE) Linux forensics live distribution -
The Sleuth Kit (TSK) -
Volatility -

Scripting / PPC (Professional Programming and Coding):
Text editors:
Sublime Text -
Notepad++ -
vim -
emacs -

Cryptool -
hashpump -
Sage -
John the Ripper -
xortool -
Online tools:
Modules for python - pycrypto -


  1. Hope you don't mind me copying and pasting this on my site also. Really good useful tools that you provided. I have only really used a small portion of it but I do see the value in all that was posted. The only one I will probably add for forensics is maybe PDFParonoia...have used it to analyzed pdf's although I know volatility will probably provide more value.

  2. stegsolve is also a really nice tool for stegano:

  3. I think some plugin for Firefox to useful

    - Live HTTP:
    - Tamper Data:

    Or Tool analyse HTTP traffic:
    - CapTipper:

  4. CryptoFox Addon For firefox its also a Good Tool For Decoding and encoding ^^