CTF Tools and Resources

CTF Tools and Resources

Useful tools and references, click on tool name to visit download page or access reference materials

--Tool names in italics are native to Kali

Multi-use tools

  • CyberChef : Great tool for multi-layer crypto challenges, basic stego, and deobfuscation

Stego Tools

  • StegOnline : Online tool to manipulate RGB values in an image, modify image for least significant bit (LSB)
  • Sonic Visualiser : Downloadable tool that visualizes and analyzes audio recordings, great for audio stego challenges
  • ffmpeg : Converts audio files to different formats and demodulates audio to find hidden messages, among other audio file manipulations
  • steghide : Basic command-line stego tool to extract embedded data from media files
  • PhonoPaper : Phone app that plays audio and therefore exposes hidden messages from equalizer-seeming images (link is to Google app store but it's also available in the Apple App Store)
  • PDF Parser : Python-based command-line tool that parses through PDF files and identifies fundamental elements

Decryption Tools

  • Cryptii : Online Caesar cipher decoder that allows you to manipulate case, foreign characters, decoding alphabet, and numbers

Password Crackers/Brute Force Tools

  • fcrackzip : Command-line tool for cracking legacy hashes on zip files, link provided is a comprehensive guide. Can be installed on Kali using :
    sudo apt-get install fcrackzip
    
  • dirb : Command-line tool that scans for existing and/or hidden web objects. Do not use this tool if the CTF organizers ask participants to not brute-force challenges.
  • John the Ripper : Command-line tool that cracks cleartext and hashed passwords

Reverse Engineering

  • Ghidra : Open-source reverse engineering tool developed by the National Security Agency compatible with Windows, Mac, and Linux

Javascript Deobfuscation

  • JSNice: Makes Javascript code more readable

  • JSBeautify.io: Makes Javascript code more readable, structures whitespace/code structure to be more legible

  • JSConsole: Allows testing of Javascript code