awesome-ctf - A curated list of CTF frameworks, libraries, resources and softwares

  •        43

A curated list of Capture The Flag (CTF) frameworks, libraries, resources, softwares and tutorials. This list aims to help starters as well as seasoned CTF players to find everything related to CTFs at one place.Please take a quick look at the contribution guidelines first.

http://github.com/apsdehal/awesome-ctf
https://github.com/apsdehal/awesome-ctf

Tags
Implementation
License
Platform

   




Related Projects

RootTheBox - A Game of Hackers (CTF Scoreboard & Game Manager)

  •    HTML

Root the Box is a real-time scoring engine for computer wargames where hackers can practice and learn. The application can be easily configured and modified for any CTF game. Root the Box attempts to engage novice and experienced players alike by combining a fun game-like environment, with realistic challenges that convey knowledge applicable to the real-world, such as penetration testing, incident response, digital forensics and threat hunting. Just as in traditional CTF games, each team or player targets challenges of varying difficulty and sophistication, attempting to collect flags. Root the Box brings additional options to the game. It can be configured to allow the creation of "Botnets" by uploading a small bot program to target machines, which grant periodic rewards with (in-game) money for each bot in the botnet; the larger the botnet the larger the reward. Money can be used to unlock new levels, buy hints to flags, download a target's source code, or even "SWAT" other players by bribing the (in-game) police. Player's "bank account passwords" can also be publically displayed by the scoring engine, allowing players to crack each other's passwords and steal each other's money.

h4cker - This repository is primarily maintained by Omar Santos and includes resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more

  •    Java

This repository includes thousands of cybersecurity-related references and resources and it is maintained by Omar Santos. This GitHub repository has been created to provide supplemental material to several books, video courses, and live training created by Omar Santos and other co-authors. It provides over 6,000 references, scripts, tools, code, and other resources that help offensive and defensive security professionals learn and develop new skills. This GitHub repository provides guidance on how build your own hacking environment, learn about offensive security (ethical hacking) techniques, vulnerability research, exploit development, reverse engineering, malware analysis, threat intelligence, threat hunting, digital forensics and incident response (DFIR), includes examples of real-life penetration testing reports, and more. These courses serve as comprehensive guide for any network and security professional who is starting a career in ethical hacking and penetration testing. It also can help individuals preparing for the Offensive Security Certified Professional (OSCP), the Certified Ethical Hacker (CEH), CompTIA PenTest+ and any other ethical hacking certification. This course helps any cyber security professional that want to learn the skills required to becoming a professional ethical hacker or that want to learn more about general hacking methodologies and concepts.

awesome-pentest - A collection of awesome penetration testing resources, tools and other shiny things

  •    

A collection of awesome penetration testing resources. Penetration testing is the practice of launching authorized, simulated attacks against computer systems and their physical infrastructure to expose potential security weaknesses and vulnerabilities.

VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages

  •    Python

A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 (slidedeck). Dependencies will then be installed and VHostScan will be added to your path. If there is an issue regarding running python3 setup.py build_ext, you will need to reinstall numpy using pip uninstall numpy and pip install numpy==1.12.0. This should resolve the issue as there are sometimes issues with numpy being installed through setup.py.

awesome-infosec - A curated list of awesome infosec courses and training resources.

  •    

A curated list of awesome information security resources, inspired by the awesome-* trend on GitHub. Those resources and tools are intended only for cybersecurity professional and educational use in a controlled environment.


Awesome-Hacking - A collection of various awesome lists for hackers, pentesters and security researchers

  •    

A collection of awesome lists for hackers, pentesters & security researchers. Follow Hack with GitHub on your favorite social media to get daily updates on interesting GitHub repositories related to Security.

awesome-web-security - 🐶 A curated list of Web Security materials and resources.

  •    

🐶 Curated list of Web Security materials and resources.Needless to say, most of websites on-line are suffered from various type of bugs, which might eventually lead to vulnerabilities. Why would this happen so often? Many factors can be involved, including misconfiguration, shortage of engineers' security skills, and etc. Therefore, here is the curated list of Web Security materials and resources for learning the cutting edge penetrating techniques.

awesome-security - A collection of awesome software, libraries, documents, books, resources and cools stuffs about security

  •    

A collection of awesome software, libraries, documents, books, resources and cool stuff about security. Inspired by awesome-php, awesome-python.

write-ups-2017 - Wiki-like CTF write-ups repository, maintained by the community. 2017

  •    Python

This repository aims to solve those problems. It’s a collection of CTF source files and write-ups that anyone can contribute to. Did you just publish a CTF write-up? Let us know, and we’ll add a link to your post — or just add the link yourself and submit a pull request. Spot an issue with a solution? Correct it, and send a pull request.

resources - A general collection of information, tools, and tips regarding CTFs and similar security competitions

  •    

This repository aims to be an archive of information, tools, and references regarding CTF competitions. CTFs, especially for beginners, can be very daunting and almost impossible to approach. With some general overviews of common CTF topics and more in-depth research and explanation in specific technologies both beginners and veterans can learn, contribute, and collaborate to expand their knowledge.

android-security-awesome - A collection of android security related resources

  •    

A collection of android security related resources. Other amazingly awesome lists can be found in the awesome-awesomeness list.

Penetration-Testing - List of awesome penetration testing resources, tools and other shiny things

  •    

List of awesome penetration testing resources, tools and other shiny things

awesome-linux - :penguin: A list of awesome projects and resources that make Linux even more awesome

  •    

We all know that Linux is awesome, but here's a list of especially awesome things related to the Linux ecosystem. You might also want to check awesome-c, awesome-shell, awesome-sysadmin, and awesome-security.

juice-shop - OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws

  •    Javascript

OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws. Each packaged distribution includes some binaries for SQLite bound to the OS and node.js version which npm install was executed on.

fbctf - Platform to host Capture the Flag competitions

  •    Hack

The Facebook CTF is a platform to host Jeopardy and “King of the Hill” style Capture the Flag competitions.The FBCTF platform was designed with flexibility in mind, allowing for different types of installations depending on the needs of the end user. The FBCTF platform can be installed either in Development Mode, or Production Mode.

ctf-literature - Collection of free books, papers and articles related to CTF challenges.

  •    HTML

Collection of free books, papers and articles related to CTF challenges.

write-ups-2014 - Wiki-like CTF write-ups repository, maintained by the community. 2014

  •    Python

This repository aims to solve those problems. It’s a collection of CTF source files and write-ups that anyone can contribute to. Did you just publish a CTF write-up? Let us know, and we’ll add a link to your post — or just add the link yourself and submit a pull request. Spot an issue with a solution? Correct it, and send a pull request.

write-ups-2015 - Wiki-like CTF write-ups repository, maintained by the community. 2015

  •    CSS

This repository aims to solve those problems. It’s a collection of CTF source files and write-ups that anyone can contribute to. Did you just publish a CTF write-up? Let us know, and we’ll add a link to your post — or just add the link yourself and submit a pull request. Spot an issue with a solution? Correct it, and send a pull request.