The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning. Learn more →
Top 23 Python Ctf Projects
-
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
-
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
gef
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
-
-
cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
-
Name-That-Hash
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
-
GraphQLmap
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
-
CyberSecurity
A collection of essential and foundational cybersecurity knowledge, thoughtfully organized for easy comprehension. (by Berkanktk)
-
GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Project mention: CyberChef from GCHQ: The Cyber Swiss Army Knife | news.ycombinator.com | 2024-02-01I also discovered Ciphey. Neat little tool indeed, but it's being deprecated. It's mentioned in this issue[1] and being replaced with Ares[2]. Neither could decipher this strange encryption[3] I used it on :(
[1] https://github.com/Ciphey/Ciphey/issues/764
[2] https://github.com/bee-san/Ares
[3] "dEFLWWFKQWxRQW16RnkvbTZML0lsdz09" original text is "hacker"
The Pwntools library stands out as a sophisticated toolset for CTF enthusiasts and security researchers. It aids in creating and executing shellcode, designing payloads, and interacting with remote processes. For instance, the context feature allows developers to switch between different architectures effortlessly, while the 'tube' module streamlines the communication between local and remote processes. And it's not just limited to Linux; the library has support for various platforms including Windows, making it versatile and comprehensive.
There is also GEF, which is widely used by the reverse engineering and CTF community.
https://github.com/hugsy/gef
During the last weekend, a small cyber security club at my town organized their first online CTF competition. I offered to take care of the infrastructure since I've been tinkering with CTFd for a couple of weeks and surprisingly everything went well! (Except two server outages that didn't last long 😁) That's why I'm here sharing with you the process of how I set up, configured, and monitored a CTF platform that handled 150+ users simultaneously totally FOR FREE 💲
Project mention: Osint update of the Snoop Project tool search for user by nickname | news.ycombinator.com | 2024-01-02
In this blog post, we want to explore what happens if a development machine gets compromised, granting an attacker write access to source code repositories. To experience this first-hand, we're using CI/CD Goat, and one of the CTF challenges to play through the scenario of an attacker gaining access to sensitive data within build infrastructure.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Python Ctf related posts
- Host your own CTF for free 💸 (CTFd Setup Guide)
- How to keep an HTTP connection alive for 9 hours
- Creating Competition Platforms
- PwnTools for Exploit Development
- What's going on with the widespread use of the log(X + 1) transform for NGS data?
- unable to install pwntools on mac m1
- web2shell - Automate converting webshells into reverse shells
-
A note from our sponsor - WorkOS
workos.com | 26 Apr 2024
Index
What are some of the best open-source Ctf projects in Python? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | Ciphey | 17,000 |
| 2 | pwntools | 11,447 |
| 3 | pwndbg | 6,700 |
| 4 | gef | 6,474 |
| 5 | CTFd | 5,303 |
| 6 | snoop | 2,683 |
| 7 | cicd-goat | 1,807 |
| 8 | ofrak | 1,794 |
| 9 | ctf | 1,743 |
| 10 | Name-That-Hash | 1,413 |
| 11 | GraphQLmap | 1,282 |
| 12 | Zeratool | 1,087 |
| 13 | RootTheBox | 874 |
| 14 | CyberSecurity | 745 |
| 15 | like-dbg | 727 |
| 16 | pwndra | 636 |
| 17 | basecrack | 497 |
| 18 | GTFONow | 491 |
| 19 | penelope | 408 |
| 20 | python-codext | 261 |
| 21 | jwtXploiter | 257 |
| 22 | Bropper | 180 |
| 23 | ghidra2dwarf | 169 |
Sponsored
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com