SsrfmapAutomatic SSRF fuzzer and exploitation tool
Flask UnsignCommand line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.
One gadgetThe best tool for finding one gadget RCE in libc.so.6
FlowerTCP flow analyzer with sugar for A/D CTF
On PwningMy solutions to some CTF challenges and a list of interesting resources about pwning stuff
Ctf Pwn TipsHere record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
PwnablewebPwnableWeb is a suite of web applications for use in information security training.
Pwn SandboxA sandbox to protect your pwn challenges being pwned in CTF AWD.
VenomVenom - A Multi-hop Proxy for Penetration Testers
NullctfA Discord bot that provides ctf tools for collaboration in Discord servers!
CtfCTF write-ups by PDKT team with English and Indonesian language
CtfSome of my CTF solutions
GtfonowAutomatic privilege escalation for misconfigured capabilities, sudo and suid binaries
Rhme 2017Riscure Hack Me embedded hardware CTF 2017-2018.
Libc DatabaseBuild a database of libc offsets to simplify exploitation
CtfcracktoolsChina's first CTFTools framework.中国国内首个CTF工具框架,旨在帮助CTFer快速攻克难关
Oscp Ctfoscp-ctf is a small collection of basic Bash scripts that make life easier and save time whether you are in the OSCP labs, HackThebox or playing around with CTFs.
CtfsubmitterA flag submitter service with distributed attackers for attack/defense CTF games.
Sudo killerA tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
SpellbookMicro-framework for rapid development of reusable security tools
Binary ExploitationGood to know, easy to forget information about binaries and their exploitation!
Rocket ShotBackwards program slice stitching for automatic CTF problem solving.
Ctfclictfcli is a tool to manage Capture The Flag events and challenges
PwntoolsCTF framework and exploit development library
CryptonLibrary consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenges from CTFs
Offport killerThis tool aims at automating the identification of potential service running behind ports identified manually either through manual scan or services running locally. The tool is useful when nmap or any scanning tool is not available and in the situation during which you did a manual port scanning and then want to identify the services running behind the identified ports.
Tiny Xss PayloadsA collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
Docker WarDocker based Wargame Platform - To practice your CTF skills
Ctf(mostly web related) web challenge writeups between 2011 and 2015
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
FlagcheckerFor effective cheating detection in competitions. Utilizes Linux Kernel Module (LKM) for generating flags.
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Shellen🌸 Interactive shellcoding environment to easily craft shellcodes
FbctfPlatform to host Capture the Flag competitions
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
MemlabsEducational, CTF-styled labs for individuals interested in Memory Forensics
Exploit meVery vulnerable ARM/AARCH64 application (CTF style exploitation tutorial with 14 vulnerability techniques)
Awesome CtfA curated list of CTF frameworks, libraries, resources and softwares
Pentest EnvPentest environment deployer (kali linux + targets) using vagrant and chef.