SaaSHub helps you find the best software and product alternatives Learn more →
Top 23 Python Ctf Projects
-
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
-
It's written for exploit development, but even for debugging a C program. It makes things a lot nicer.
https://pwndbg.re/
-
gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
-
apt install python3-pip -y -q && apt install python3.10-venv -y && apt install python-is-python3 -y -q && apt install docker -y && apt install docker-compose -y git clone https://github.com/CTFd/CTFd.git cd CTFd/ python -m venv venv source venv/bin/activate pip install -r requirements.txt docker-compose up
-
Project mention: Ask HN: Website with 6^16 subpages and 80k+ daily bots | news.ycombinator.com | 2024-10-24
> gzip bomb (100kB size, unpacked around 20GB)
Not possible (unless you're talking double gzip). gzip's max compression ratio is 1032:1[1]. So 100kB can expand to at most ~103MB with single gzip.
Brotli allows much larger compression. Here's[2] a brotli bomb I created that's 81MB compressed and 100TB uncompressed. That's a 1.2M:1 compression ratio.
[1] https://stackoverflow.com/a/16794960
[2] https://github.com/google/google-ctf/blob/main/2019/finals/m...
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
-
-
-
Name-That-Hash
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
-
GraphQLmap
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
-
how-to-exploit-a-double-free
How to exploit a double free vulnerability in 2021. Use After Free for Dummies
-
-
CyberSecurity
A collection of essential and foundational cybersecurity knowledge, thoughtfully organized for easy comprehension. (by Berkanktk)
-
-
-
-
-
GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
-
-
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Python Ctf discussion
Python Ctf related posts
-
Host your CTF using CTFd!
-
Ask HN: Website with 6^16 subpages and 80k+ daily bots
-
Registration Open for NSA Codebreaker Challenge 2024
-
Host your own CTF for free 💸 (CTFd Setup Guide)
-
How to keep an HTTP connection alive for 9 hours
-
Creating Competition Platforms
-
PwnTools for Exploit Development
-
A note from our sponsor - SaaSHub
www.saashub.com | 13 May 2025
Index
What are some of the best open-source Ctf projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | Ciphey | 19,090 |
2 | pwntools | 12,573 |
3 | pwndbg | 8,595 |
4 | gef | 7,490 |
5 | CTFd | 6,014 |
6 | google-ctf | 4,666 |
7 | snoop | 3,338 |
8 | cicd-goat | 2,065 |
9 | ofrak | 1,944 |
10 | ctf | 1,809 |
11 | Name-That-Hash | 1,554 |
12 | GraphQLmap | 1,447 |
13 | how-to-exploit-a-double-free | 1,347 |
14 | Zeratool | 1,123 |
15 | CyberSecurity | 1,090 |
16 | RootTheBox | 995 |
17 | penelope | 916 |
18 | like-dbg | 749 |
19 | pwndra | 678 |
20 | GTFONow | 569 |
21 | basecrack | 553 |
22 | python-codext | 284 |
23 | jwtXploiter | 270 |