# Important Tools for Solving CTF Field Guide Challenges

# Syllabus

> [TOC]

## Capture The Flag (CTF) Field Guide -- capture the flag [first], a field guide

> *«Knowing is not enough; we must apply. Willing is not enough; we must do.»* -- ***Johann Wolfgang von Goethe***

> **CTF** stands for "Catch The Flag", which in turn translates literally as "take the flag *[first]*". The point of the expression is that the game is a race: in our case, for example, whoever gains access to a closed server fastest wins.

---

## HEX Editors

- [hexdump](https://www.systutorials.com/docs/linux/man/1-hexdump/)

---

## Networking

- [Wireshark, tshark](https://www.wireshark.org/download.html)
- [tcpdump/libpcap](https://www.tcpdump.org/)
- [Netcat](https://nc110.sourceforge.io/)
- [telnet](https://linux.die.net/man/1/telnet)
- [nmap](https://nmap.org/)

---

## Forensics (forensic science)

- [dd](https://linux.die.net/man/1/dd)
- [strings](https://linux.die.net/man/1/strings)
- [scalpel](https://github.com/sleuthkit/scalpel)
- [TrID](https://mark0.net/soft-trid-e.html)
- [binwalk](https://github.com/ReFirmLabs/binwalk)
- [foremost](http://foremost.sourceforge.net/)
- [ExifTool](https://exiftool.org/)
- [DFF](https://tools.kali.org/forensics/dff)
- [CAINE](https://www.caine-live.net/)
- [The Sleuth Kit (TSK)](https://www.sleuthkit.org/sleuthkit/download.php)
- [Volatility](https://www.volatilityfoundation.org/)

---

## Cryptography

- [CrypTool](https://www.cryptool.org/en/)
- [hashpump](https://github.com/bwall/HashPump)
- [Sage](https://www.sagemath.org/)
- [John the Ripper](https://www.openwall.com/john/)
- [hashcat](https://hashcat.net/hashcat/)
- [xortool](https://github.com/hellman/xortool)
- Online tools (Web)
- Modules for Python

---

## Steganography

- [OpenStego](https://www.openstego.com/) ↗️
- [OUTDATED] ~~[OutGuess](https://web.archive.org/web/20150415220609/http://www.outguess.org/download.php)~~
- [Steghide](https://sourceforge.net/projects/steghide/files/) ↗️
- [StegFS](https://sourceforge.net/projects/stegfs/) ↗️
- [pngcheck](http://www.libpng.org/pub/png/apps/pngcheck.html) ↗️
- [GIMP](https://www.gimp.org/downloads/)
- [Audacity](https://sourceforge.net/projects/audacity/) ↗️
- [Mp3Stego](https://www.petitcolas.net/steganography/mp3stego/) ↗️
- [FFmpeg](https://www.ffmpeg.org/download.html) ↗️
- [npiet](https://www.bertnase.de/npiet/) ↗️

---

## Own Tools (self-written programs/scripts)

---

## Reverse & PWN

- [GDB](https://www.gnu.org/software/gdb/download/) ↗️
- [IDA Pro](https://www.hex-rays.com/products/ida/support/download/) ↗️
- [Ghidra](https://ghidra-sre.org/) ↗️
- [Immunity Debugger](https://debugger.immunityinc.com/) ↗️
- [OllyDbg](http://www.ollydbg.de/) ↗️
- [radare2](https://www.radare.org/n/radare2.html) ↗️
- [Hopper](https://www.hopperapp.com/index.html) ↗️
- [nm](https://linux.die.net/man/1/nm) ↗️
- [objdump](https://linux.die.net/man/1/objdump) ↗️
- [strace](https://linux.die.net/man/1/strace) ↗️
- [Villoc](https://github.com/n30m1nd/villoc) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️

---

### .NET

- [ILSpy](https://github.com/icsharpcode/ILSpy) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [.NET Reflector](https://www.red-gate.com/products/dotnet-development/reflector/) ↗️
- [Telerik JustDecompile](https://www.telerik.com/products/decompiler.aspx) ↗️
- [Mono.Cecil](https://cecil.pe/) ↗️
- [Reflexil](http://reflexil.net/) ↗️

---

### Flash

- [JPEXS](https://github.com/jindrapetrik/jpexs-decompiler) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️

---

### Python

- [uncompyle2](https://github.com/wibiti/uncompyle2) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️

---

### Rust

---

### Go

---

### Java/Android

- [Java Decompiler (JD-GUI)](https://java-decompiler.github.io/#jd-gui-overview) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [Lee Benfield's CFR](http://www.benf.org/other/cfr/) ↗️
- [JetBrains' Fernflower](https://github.com/JetBrains/intellij-community/tree/master/plugins/java-decompiler/engine) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [Procyon](https://bitbucket.org/mstrobel/procyon/downloads/) ↗️
- [Bytecode Viewer](https://github.com/Konloch/bytecode-viewer) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [Dexer](https://github.com/sailro/Dexer) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [dex2jar](https://github.com/pxb1988/dex2jar) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️

---

## EXE Unpackers

## Resource Unpackers

---

## Compilers & Package Managers

### Java

---

### Python

- [EN] [Pipenv](https://pipenv.readthedocs.io/en/latest/) ↗️
- [EN] [Poetry](https://python-poetry.org/) ↗️

---

### JavaScript/TypeScript

- [Babel]()

---

### Rust

- [EN] [Cargo](https://doc.rust-lang.org/cargo/) ↗️

---

### Go

- [EN] [Glide](https://glide.sh/)

---

## OSINT

---

## Online Tools

- [EN] [CrypTool-Online](https://www.cryptool.org/en/cryptool-online) ↗️
- [EN] [Online Assembler & Disassembler](https://disasm.pro/) ↗️
- [EN] [Cipher Tools](http://rumkin.com/tools/cipher/) ↗️
- [EN] [Beeceptor](https://beeceptor.com/) ↗️
- [EN] [Dirb](http://dirb.sourceforge.net/) ↗️ / [EN] [DirBuster](https://gitlab.com/kalilinux/packages/dirbuster) ↗️ / [EN] [Gobuster](https://github.com/OJ/gobuster) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [EN] [IIS ShortName Scanner](https://github.com/irsdl/IIS-ShortName-Scanner) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [EN] [XSS Payloads](http://www.xss-payloads.com/index.html) ↗️
- [EN] [theHarvester](https://github.com/laramies/theHarvester) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️
- [EN] [Wfuzz](https://wfuzz.readthedocs.io/en/latest/) ↗️

---

## References

- [EN] [CTF Field Guide](https://trailofbits.github.io/ctf/) ![Github Logo](https://tessympl.sirv.com/github.png) ↗️

---