Ctf

Open-source projects categorized as Ctf Edit details
Language filter: + Python + JavaScript + Go + Shell + TypeScript + C + Ruby
Related topics: #Security #ctf-tools #Python #Hacking #ctf-challenges

Top 23 Ctf Open-Source Projects

  • Awesome-Hacking-Resources

    A collection of hacking / penetration testing resources to make you better!

    Project mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31

    Hacking Resources

  • Ciphey

    ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

    Project mention: How do I get Ciphey to use more cores for decryption? | reddit.com/r/hacking | 2022-02-16

    repo: https://github.com/Ciphey/Ciphey

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • pwntools

    CTF framework and exploit development library

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    Pwntools - CTF Framework for writing exploits.

  • awesome-ctf

    A curated list of CTF frameworks, libraries, resources and softwares

    Project mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31

    CTF

  • juice-shop

    OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

    Project mention: Capture the flag: A Node.js web app vulnerability practice | reddit.com/r/javascript | 2022-05-20

    Take a look at juice-shop as well.

  • MBE

    Course materials for Modern Binary Exploitation by RPISEC

    Project mention: BOF: How to calculate the exact number of NOPS and length of ESP | reddit.com/r/oscp | 2021-11-07

    It's not super current, but I really recommend the [Modern Binary Exploitation}(https://github.com/RPISEC/MBE) course produced by RPISEC if you haven't seen it. It approaches things in a nice structured way.

  • pwndbg

    Exploit Development and Reverse Engineering with GDB Made Easy

    Project mention: Hacked GDB Dashboard Puts It All on Display | news.ycombinator.com | 2022-03-24

    There are a lot of these types of tools already in the reverse engineering community (in order of lowest chance of breaking when you throw really weird stuff at it):

    GEF: https://gef.readthedocs.io/en/master/

    PWNDBG: https://github.com/pwndbg/pwndbg

    PEDA: https://github.com/longld/peda

    They also come with a slew of different features to aid in RE/exploit dev, but many of them are also useful for debugging really weird issues.

  • JetBrains

    Developer Ecosystem Survey 2022. Take part in the Developer Ecosystem Survey 2022 by JetBrains and get a chance to win a Macbook, a Nvidia graphics card, or other prizes. We’ll create an infographic full of stats, and you’ll get personalized results so you can compare yourself with other developers.

  • gef

    GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging features for exploit developers & reverse engineers

    Project mention: Debugging with GDB | news.ycombinator.com | 2022-03-21

    I still struggle with GDB but my excuse is that I seldom use it.

    When I was studying reverse engineering though, I came across a really cool kit (which I've yet to find an alternative for lldb, which would be nice given: rust)

    I'd recommend checking it out, if for no other reason than it makes a lot of things really obvious (like watching what value lives in which register).

    https://github.com/hugsy/gef

    LLDB's closest alternative to this is called Venom, but it's not the same at all. https://github.com/ovh/venom

  • CTFd

    CTFs as you need them

    Project mention: Intentionally vulnerable networks for hackers | reddit.com/r/hacking | 2022-03-07

    TryHackMe and CTFd might be worth a look.

  • google-ctf

    Google CTF

  • pspy

    Monitor linux processes without root permissions

    Project mention: I passed with 100 points on second attempt AMA | reddit.com/r/oscp | 2022-06-14

    I also forgot https://github.com/DominicBreuker/pspy obviously for linux privesc

  • one_gadget

    The best tool for finding one gadget RCE in libc.so.6

    Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

    one_gadget - A tool to find the one gadget execve('/bin/sh', NULL, NULL) call.

  • ctf

    Ctf solutions from p4 team

    Project mention: Question about ECDSA | reddit.com/r/cryptography | 2022-06-24

  • SUDO_KILLER

    A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.

  • hackthebox-writeups

    Writeups for HacktheBox 'boot2root' machines

  • snoop

    Snoop — инструмент разведки на основе открытых данных (OSINT world)

    Project mention: Tool das alle mit E-Mail verknüpfte Accounts auflistet? | reddit.com/r/de_EDV | 2022-06-22

  • Stowaway

    👻Stowaway -- Multi-hop Proxy Tool for pentesters

    Project mention: Stowaway -- Multi-hop Proxy Tool for pentesters | reddit.com/r/CKsTechNews | 2022-05-07

  • reverse-shell-generator

    Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

    Project mention: bash reverse shell not working | reddit.com/r/hacking | 2022-05-24

  • Name-That-Hash

    🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

    Project mention: Need some information about a password hash | reddit.com/r/Hacking_Tutorials | 2021-09-11

    This is what I use to identify hashes I am unfamiliar with. https://github.com/HashPals/Name-That-Hash

  • MemLabs

    Educational, CTF-styled labs for individuals interested in Memory Forensics

  • Zeratool

    Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems

    Project mention: GitHub - ChrisTheCoolHut/Zeratool: Automatic Exploit Generation (AEG) and remote flag capture for exploitable CTF problems | reddit.com/r/bag_o_news | 2021-12-26

  • CaptfEncoder

    Captfencoder is a rapid cross platform network security tool suite, providing network security related code conversion, classical cryptography, cryptography, asymmetric encryption, miscellaneous tools, and aggregating all kinds of online tools.

  • GraphQLmap

    GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.

    Project mention: How to use undocumented web APIs | news.ycombinator.com | 2022-03-10
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-06-24.

Ctf related posts

Index

What are some of the best open-source Ctf projects? This list will help you:

Project Stars
1 Awesome-Hacking-Resources 12,120
2 Ciphey 10,071
3 pwntools 9,153
4 awesome-ctf 6,978
5 juice-shop 6,941
6 MBE 4,824
7 pwndbg 4,668
8 gef 4,647
9 CTFd 4,049
10 google-ctf 2,733
11 pspy 2,732
12 one_gadget 1,599
13 ctf 1,570
14 SUDO_KILLER 1,535
15 hackthebox-writeups 1,511
16 snoop 1,460
17 Stowaway 1,433
18 reverse-shell-generator 1,264
19 Name-That-Hash 1,057
20 MemLabs 1,043
21 Zeratool 870
22 CaptfEncoder 849
23 GraphQLmap 845
Find remote jobs at our new job board 99remotejobs.com. There are 4 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.

Sponsored
Static code analysis for 29 languages.
Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
www.sonarqube.org