Repository files navigation

This is a collection of setup scripts to create an install of various security research tools.Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth.The install-scripts for these tools are checked every once in a while, so things should hopefully have a decent chance of working!

Installers for the following tools are included:

Category	Tool	Description
binary	angr	Next-generation binary analysis engine from Shellphish.
binary	angr-management	A GUI reverse engineering and decompilation tool.
binary	beef	Browser exploitation framework.
binary	crosstool	Cross-compilers and cross-architecture tools.
binary	cross2	A set of cross-compilation tools from a Japanese book on C.
binary	decomp2dbg	A plugin to introduce interactive symbols into your debugger from your decompiler.
binary	elfkickers	A set of utilities for working with ELF files.
binary	elfparser	Multiplatform CLI and GUI tool to show information about ELF files.
binary	evilize	Tool to create MD5 colliding binaries
binary	gdb	Up-to-date gdb with python2 bindings.
binary	gef	Enhanced environment for gdb.
binary	ghidra	Open-source reverse engineering and decompilation tool.
binary	honggfuzz	A general-purpose, easy-to-use fuzzer with interesting analysis options.
binary	ida	Decompilation and reversing tool (requires you to download it to ~/Downloads on your own!).
binary	manticore	Manticore is a prototyping tool for dynamic binary analysis, with support for symbolic execution, taint analysis, and binary instrumentation.
binary	one_gadget	Magic gadget search for libc.
binary	preeny	A collection of helpful preloads (compiled for many architectures!).
binary	pwninit	Script to automate starting pwning challenges.
binary	pwndbg	Enhanced environment for gdb. Especially for pwning.
binary	pwnsh	Useful shell scripts for assembly, exploitation, etc.
binary	pwntools	Useful CTF utilities.
binary	qemu	Latest version of qemu!
binary	qiling	A dynamic binary instrumentation framework.
binary	qira	Parallel, timeless debugger.
binary	rappel	A linux-based assembly REPL.
binary	ropper	Another gadget finder.
binary	rp++	Another gadget finder.
binary	seccomp-tools	Provides powerful tools for seccomp analysis
binary	shellnoob	Shellcode writing helper.
binary	taintgrind	A valgrind taint analysis tool.
binary	valgrind	A Dynamic Binary Instrumentation framework with some built-in tools.
binary	villoc	Visualization of heap operations.
binary	xrop	Gadget finder.
forensics	firmware-mod-kit	Tools for firmware packing/unpacking.
forensics	pdf-parser	Tool for digging in PDF files
forensics	peepdf	Powerful Python tool to analyze PDF documents.
forensics	scrdec18	A decoder for encoded Windows Scripts.
forensics	volatility	Analyzer for system memory dumps (classic python2 version; requires python2 tool).
forensics	volatility3	Analyzer for system memory dumps (latest version).
crypto	codext	Python codecs extension featuring CLI tools for encoding/decoding anything including AI-based guessing mode.
crypto	cribdrag	Interactive crib dragging tool (for crypto).
crypto	fastcoll	An md5sum collision generator.
crypto	foresight	A tool for predicting the output of random number generators. To run, launch "foresee".
crypto	featherduster	An automated, modular cryptanalysis tool. WARNING: needs python2 (which can be installed with ctf-tools).
crypto	galois	A fast galois field arithmetic library/toolkit.
crypto	hashpump-partialhash	Hashpump, supporting partially-unknown hashes.
crypto	hash-identifier	Simple hash algorithm identifier.
crypto	libc-database	Build a database of libc offsets to simplify exploitation.
crypto	msieve	Msieve is a C library implementing a suite of algorithms to factor large integers.
crypto	nonce-disrespect	Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS.
crypto	pemcrack	SSL PEM file cracker.
crypto	pkcrack	PkZip encryption cracker.
crypto	reveng	CRC finder.
crypto	rsactftool	RSA attack tool.
crypto	ssh_decoder	A tool for decoding ssh traffic. You will needruby1.8 fromhttps://launchpad.net/~brightbox/+archive/ubuntu/ruby-ng to run this. Run withssh_decoder --help for help, as running it with no arguments causes it to crash.
crypto	sslsplit	SSL/TLS MITM.
crypto	xortool	XOR analysis tool.
crypto	yafu	Automated integer factorization.
web	burpsuite	Web proxy to do naughty web stuff.
web	commix	Command injection and exploitation tool.
web	mitmproxy	CLI Web proxy and python library.
web	subbrute	A DNS meta-query spider that enumerates DNS records, and subdomains.
web	webgrep	grep for Web pages, with JS deobfuscation, CSS unminifying and OCR on images.
stego	steganabara	Another image stenography solver.
stego	stegano-tools	A collection of text and image steganography tools (incl LSB, PVD, PIT).
stego	stegdetect	Stenography detection/breaking tool.
stego	stegsolve	Image stenography solver.
stego	stegosaurus	A steganography tool for embedding arbitrary payloads in Python bytecode (pyc or pyo) files.
stego	zsteg	detect stegano-hidden data in PNG & BMP.
misc	jdgui	Java decompiler.
misc	python2	For when you really need it...
misc	social-analyzer	Social media reconnaisance tool...
misc	veles	Binary data analysis and visualization tool.
misc	xspy	Tiny tool to spy on X sessions.

There are also some installers for non-CTF stuff to break the monotony!

Category	Tool	Description
game	df	Dwarf Fortress! Something to help you relax after a CTF!
web	tor-browser	Useful when you need to hit a web challenge from different IPs.

To use, do:

# set up the path/path/to/ctf-tools/bin/manage-tools setupsource~/.bashrc# list the available toolsmanage-tools list# install gdb, allowing it to try to sudo install dependenciesmanage-tools -s install gdb# install pwntools, but don't let it sudo install dependenciesmanage-tools install pwntools# install qemu, but use "nice" to avoid degrading performance during compilationmanage-tools -n install qemu# uninstall gdbmanage-tools uninstall gdb# uninstall all toolsmanage-tools uninstall all# search for a toolmanage-tools search preload

Where possible, the tools keep the installs very self-contained (i.e., in to tool/ directory), and most uninstalls are just calls togit clean (NOTE, this isNOT careful; everything under the tool directory, including whatever you were working on, is blown away during an uninstall).

Python and Ruby tools are installed in a tool-specific virtual environment.If you want to add other packages to this environment, look under thectf-tools/TOOL/pipx orctf-tools/TOOL/gems directories.

Something not working?I didn't write (almost) any of these tools, but hit upthe discord if you're desperate.Maybe some kind soul will help!

You can get most of these tools in prebuilt containers fromhttps://hub.docker.com/r/ctftools.For example:

$echo hi| docker run -i ctftools/taintgrind taintgrind --taint-stdin=yes /bin/cat/home/ctf/tools/taintgrind/valgrind-3.21.0/build/bin/valgrind --tool=taintgrind --taint-stdin=yes /bin/cat==8== Taintgrind, the taint analysis tool==8== Copyright (C) 2010-2018, and GNU GPL'd, by Wei Ming Khoo.==8== Using Valgrind-3.21.0 and LibVEX; rerun with -h for copyright info==8== Command: /bin/cat==8==0xFFFFFFFF: _syscall_read | Read:3 | 0x0 | 4a5a000_unknownobjhi==8==

You can build a docker image with:

git clone https://github.com/zardus/ctf-toolscd ctf-toolsdocker build -t ctf-tools --build-arg PREINSTALLED=some-tool.

And run it with:

docker run -it ctf-tools

The built image will have ctf-tools cloned and ready to go and your tool installed.

Kali Linux (Sana and Rolling), due to manually setting certain libraries to not use the latest version available (sometimes being out of date by years) causes some tools to not install at all, or fail in strange ways.Overriding these libraries breaks other tools included in Kali so your only solution is to either live with some of Kali's tools being broken, use docker, or running another distribution separately such as Ubuntu.

To add a tool (say, namedtoolname), do the following:

1. Create atoolname directory.
2. Create aninstall script.
3. Add it to the readme.
4. (optional) if special uninstall steps are required, create anuninstall script.

The install script will be run with$PWD beingtoolname. It should install the tool into this directory, in as contained a manner as possible.Ideally, full uninstallation should be possible with agit clean.

The install script should create abin directory and put its executables there.These executables will be automatically linked into the mainbin directory for the repo.They could be launched from any directory, so don't make assumptions about the location of$0!

The individual tools are all licensed under their own licenses.As for ctf-tools itself, it is licensed under BSD 2-Clause License.If you find it useful, star it on github (https://github.com/zardus/ctf-tools).

Good luck!

There's a curated list of CTF tools, but without installers, here:https://github.com/apsdehal/aWEsoMe-cTf.

There's a Vagrant config with a lot of the bigger frameworks here:https://github.com/thebarbershopper/epictreasure.

As tools get officially packaged, we switch to just suggesting that you apt install them!

Previously, this repository included some scripts that were wrappers arounddocker pull.We trust that you can do that yourself :-)

Previously, this repository included library installers.Because of how bespoke library install preferences are (e.g., unlike a tool, it's not clear if per-library venvs are a desired thing), we've stopped shipping them, and link them here for posterity.