stego-toolkit - Collection of steganography tools - helps with CTF challenges

  •        438

This project is a Docker image useful for solving Steganography challenges as those you can find at CTF platforms like hackthebox.eu. The image comes pre-installed with many popular tools (see list below) and several screening scripts you can use check simple things (for instance, run check_jpg.sh image.jpg to get a report for a JPG file). First make sure you have Docker installed (how to). Then you can use the shell scripts bin/buid.sh and bin/run.sh in this repo to build the image and run the container. You will be dropped into a bash shell inside the container. It will have the data folder mounted, into which you can put the files to analyze.

https://github.com/DominicBreuker/stego-toolkit

Tags
Implementation
License
Platform

   




Related Projects

Cloakify - CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings; Evade DLP/MLS Devices; Defeat Data Whitelisting Controls; Social Engineering of Analysts; Evade AV Detection

  •    Python

CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of Analysts; Defeat Data Whitelisting Controls; Evade AV Detection. Text-based steganography using lists. Convert any file type (e.g. executables, Office, Zip, images) into a list of everyday strings. Very simple tools, powerful concept, limited only by your imagination. For a quick start on CloakifyFactory, see the cleverly titled file "README_GETTING_STARTED.txt" in the project for a walkthrough.

dive - A tool for exploring each layer in a docker image

  •    Go

dive is a tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your Docker/OCI image. To analyze a Docker image simply run dive with an image tag / id / digest.

image-syncer - Docker image synchronization tool for Docker Registry V2 based services

  •    Go

image-syncer is a docker registry tools. With image-syncer you can synchronize docker images from some source registries to target registries, which include most popular public docker registry services. After v1.2.0, image-syncer supports both YAML and JSON format, and origin config file can be split into "auth" and "images" file. A full list of examples can be found under example, meanwhile the older version of configuration file is still supported via --config flag.

v0lt - Security CTF Toolkit (Not maintained anymore)

  •    Python

v0lt is an attempt to regroup every tool I used/use/will use in security CTF, Python style. A lot of exercises were solved using bash scripts but Python may be more flexible, that's why. Nothing to do with Gallopsled. It's a toy toolkit, with small but specific utils only.


gs-spring-boot-docker - Spring Boot with Docker :: Learn how to create a Docker container from a Spring Boot application with Maven or Gradle

  •    Java

This guide walks you through the process of building a Docker image for running a Spring Boot application. Docker is a Linux container management toolkit with a "social" aspect, allowing users to publish container images and consume those published by others. A Docker image is a recipe for running a containerized process, and in this guide we will build one for a simple Spring boot application.

android - Android Docker image

  •    Dockerfile

Android Docker image, based on the Bitrise Base Docker image ( https://github.com/bitrise-docker/android / bitriseio/docker-bitrise-base ), and extends it with pre-installed Android tools/setup. This docker image is pre-cached on the related bitrise.io Virtual Machines.

Image Steganography

  •    DotNet

'Image Steganography' allows you to embed text and files into images, with optional encryption.

source-to-image - A tool for building/building artifacts from source and injecting into docker images

  •    Go

Source-to-Image (S2I) is a toolkit and workflow for building reproducible Docker images from source code. S2I produces ready-to-run images by injecting source code into a Docker container and letting the container prepare that source code for execution. By creating self-assembling builder images, you can version and control your build environments exactly like you use Docker images to version your runtime environments.For a deep dive on S2I you can view this presentation.

Network Security Toolkit (NST)

  •    Javascript

Network Security Toolkit (NST) is a bootable ISO image (Live DVD) based on Fedora 18 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanc

ignite - Ignite a Firecracker microVM

  •    Go

Weave Ignite is an open source Virtual Machine (VM) manager with a container UX and built-in GitOps management. Ignite makes Firecracker easy to use by adopting its developer experience from containers. With Ignite, you pick an OCI-compliant image (Docker image) that you want to run as a VM, and then just execute ignite run instead of docker run. There’s no need to use VM-specific tools to build .vdi, .vmdk, or .qcow2 images, just do a docker build from any base image you want (e.g. ubuntu:18.04 from Docker Hub), and add your preferred contents.

infrakit - A toolkit for creating and managing declarative, self-healing infrastructure.

  •    Go

InfraKit is a toolkit for infrastructure orchestration. With an emphasis on immutable infrastructure, it breaks down infrastructure automation and management processes into small, pluggable components. These components work together to actively ensure the infrastructure state matches the user's specifications. InfraKit therefore provides infrastructure support for higher-level container orchestration systems and can make your infrastructure self-managing and self-healing. In this video, InfraKit was used to build a custom linux operating system (based on linuxkit). We then deployed a cluster of virtual machine instances on a local Mac laptop using the Mac Xhyve hypervisor (HyperKit). A cluster of 3 servers booted up in seconds. Later, after the custom OS image has been updated with a new public key, InfraKit detects the change and orchestrates a rolling update of the nodes. We then deploy the same OS image to a bare-metal ARM server running on Packet.net, where the server uses custom ipxe boot directly from the localhost. It demonstrates some of the key concepts and components in InfraKit and shows how InfraKit can be used to implement an integrated workflow from custom OS image creation to cluster deployment and Day N management. The entire demo is published as a playbook, and you can create your own playbooks too.

deploykit - A toolkit for creating and managing declarative, self-healing infrastructure.

  •    Go

InfraKit is a toolkit for infrastructure orchestration. With an emphasis on immutable infrastructure, it breaks down infrastructure automation and management processes into small, pluggable components. These components work together to actively ensure the infrastructure state matches the user's specifications. InfraKit therefore provides infrastructure support for higher-level container orchestration systems and can make your infrastructure self-managing and self-healing. In this video, InfraKit was used to build a custom linux operating system (based on linuxkit). We then deployed a cluster of virtual machine instances on a local Mac laptop using the Mac Xhyve hypervisor (HyperKit). A cluster of 3 servers booted up in seconds. Later, after the custom OS image has been updated with a new public key, InfraKit detects the change and orchestrates a rolling update of the nodes. We then deploy the same OS image to a bare-metal ARM server running on Packet.net, where the server uses custom ipxe boot directly from the localhost. It demonstrates some of the key concepts and components in InfraKit and shows how InfraKit can be used to implement an integrated workflow from custom OS image creation to cluster deployment and Day N management. The entire demo is published as a playbook, and you can create your own playbooks too.

DockerSlim (docker-slim) - Optimize and secure your Docker containers

  •    Go

Docker slim minify's and secure's Docker containers. Keep doing what you are doing. No need to change anything. Use the base image you want. Use the package manager you want. Don't worry about hand optimizing your Dockerfile. You shouldn't have to throw away your tools and your workflow to have small container images.

autopwn - Specify targets and run sets of tools against them

  •    Python

autopwn is designed to make a pentester's life easier and more consistent by allowing them to specify tools they would like to run against targets, without having to type them in a shell or write a script. This tool will probably be useful during certain exams as well.. It is recommended that you use the docker image while exposing TCP 5000 for autopwn clients to connect to. This is because the autopwn docker image is already setup (tools are installed and in the right place).

Digital Invisible Ink Toolkit

  •    Java

This project provides a simple Java-based steganography tool that can hide a message inside a 24-bit colour image so that knowing how it was embedded, or performing statistical analysis, does not make it any easier to find the concealed information.

awesome-docker - :whale: A curated list of Docker resources and projects

  •    Javascript

A curated list of Docker resources and projects Inspired by @sindresorhus' awesome and improved by these amazing contributors. The creators and maintainers of this list do not receive any form of payment to accept a change made by any contributor. This page is not an official Docker product in any way. It is a list of links to projects and is maintained by volunteers. Everybody is welcome to contribute. The goal of this repo is to index open-source projects, not to advertise for profit.

serverless-image-resizing - CloudFormation template to resize images on-the-fly using Amazon API Gateway, AWS Lambda, and Amazon S3

  •    Javascript

Resizes images on the fly using Amazon S3, AWS Lambda, and Amazon API Gateway. Using a conventional URL structure and S3 static website hosting with redirection rules, requests for resized images are redirected to a Lambda function via API Gateway which will resize the image, upload it to S3, and redirect the requestor to the resized image. The next request for the resized image will be served from S3 directly.Use the Amazon Linux Docker container image to build the package using your local system. This repo includes Makefile that will download Amazon Linux, install Node.js and developer tools, and build the extensions using Docker. Run make all.

jsteg - JPEG steganography

  •    Go

jsteg is a package for hiding data inside jpeg files, a technique known as steganography. This is accomplished by copying each bit of the data into the least-significant bits of the image. The amount of data that can be hidden depends on the filesize of the jpeg; it takes about 10-14 bytes of jpeg to store each byte of the hidden data. Note that the data is not demarcated in any way; the caller is responsible for determining which bytes of hidden it cares about. The easiest way to do this is to prepend the data with its length.

dockramp - A Client Driven Docker Image Builder

  •    Go

Docker 1.8.0 will introduce a new API endpoint for copying files and directories into a container. With this addition, anyone can now implement their own build system using the Docker Remote API. Dockramp is the first proof of concept for an alternative to docker build.Builds will no longer wait to begin while your client uploads a (sometimes large) context directory to the Docker daemon. In Dockramp, files and directories are only transfered when they need to be: on a COPY or EXTRACT instruction. You'll notice that builds start much faster than they ever would have using docker build.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.