pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy

•    Python

---

Exploit Development and Reverse Engineering with GDB Made Easy

gdb peda gdbinit pwndbg reverse-engineering debugging ctf gef hack disassembler ida-pro binary-ninja defcon capture-the-flag malware malware-analysis pwnable

pwntools - CTF framework and exploit development library

•    Python

---

Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. You can now do a live demo of Pwntools, right in your browser.

ctf exploit pwntools ctf-framework shellcode rop pwnable defcon capture-the-flag wargame

Exploit-Writeups - A collection where my current and future writeups for exploits/CTF will go

•    

---

Welcome to my collection of exploit writeups. This repo is where my current and future writeups for public exploits, vulnerability research, and CTF challenge solves will go. Below is a directory of the current writeups that I've published. An overview of the PS4 kernel exploit codenamed "namedobj", which targets a type confusion vulnerability in the sys_namedobj_* Sony system calls. This overview covers the basic exploit strategy required to leverage the type confusion bug into a fully fledged exploit.

exploitation exploit-development capture-the-flag vulnerabilities

dcipher - Decipher hashes using online rainbow & lookup table attack services.

•    Javascript

---

Decipher hashes using online rainbow & lookup table attack services. Returns the plaintext value of a hash.

dcipher hash decipher crack cracking password rainbow-table ctf capture-the-flag nodejs md5 sha lookup table

dcipher-cli - Crack hashes using online rainbow & lookup table attack services, right from your terminal

•    Javascript

---

Crack hashes using online rainbow & lookup table attack services, right from your terminal.

dcipher hash decipher crack cracking password rainbow-table ctf capture-the-flag nodejs cli md5 sha table

cracknet - A

•    CSharp

---

A .net Crackme Challenge made for the SecTalks Brisbane 2017 CTF Event. Note that this is a debug build and not a release build, due to compiler instructions. Only the executable needs to be included for the challenge.

ctf ctf-writeups ctf-solutions capture-the-flag reverse-engineering decompile challenges ctf-challenges security vulnerable-application vulnerable radare2 ida challenge writeup

stegextract - Detect hidden files and text in images

•    Shell

---

Bash script to extract hidden files and strings from images. Stegextract extracts any trailing data after the image's closing bytes, and any hidden files (or other images) embedded within the image. Short byte combinations such as JPEG's FFD8 FFE0 might sometimes create false positives. Manually reviewing the hexdump is sometimes inevitable in cases of highly complex embedded files. Stegextract is not the solution for any color/pixel/filter/LSB related Steganography, nor does it try to be. It relies on magic numbers, hexdumps and binary data alone. Currently supports PNG, JPG, and GIF.

steganography ctf stego capture-the-flag extraction extract-images images hidden-files penetration-testing bash steg

phdctf-2017 - PHDays Online CTF 2017. Developed with ♥ by Hackerdom team

•    C

---

PHDays CTF2017 is an online international challenge in the information security. Developed by Hackerdom team for PHDays VII forum. The contest is driven by classic rules (Attack-Defense CTF) Each team is given a set of vulnerable services. Organizers regulary fill services with private information — the flags. The goal of each team is to find vulnerabilities, fix them in their services and exploit them in order to get flags from other teams.

ctf attack-defense hackerdom phdays vulnerabilities capture-the-flag

juice-shop-ctf - Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

•    Javascript

---

The NPM package juice-shop-ctf-cli lets you create a archive files for conveniently import OWASP Juice Shop challenges into different Capture the Flag frameworks. This allows you to populate a CTF game server in a matter of minutes. Then follow the instructions of the interactive command line tool.

owasp ctf ctfd application-security capture-the-flag pentesting hacking owasp-juice-shop ctfd-database ctfd-setup web-security web-application-security webappsec pentest security vulnerable vulnerability broken cli

game-of-thrones-hacking-ctf - Game of Thrones hacking CTF (Capture the flag)

•    

---

This is a challenge-game to measure your hacking skills. Set in Game of Thrones fantasy world. Get the 7 kingdom flags and the 4 extra content flags (3 secret flags + final battle flag). There are 11 in total.

hacking ctf capture-the-flag vmware virtualbox pentesting game-of-thrones cybersecurity ova challenge-vm

ctfnmap - An easy way to manage nmap scans during a CTF

•    Go

---

An easy way to manage nmap scans during a CTF

security scanner memes nmap capture-the-flag

basecrack - Decode All Bases - Base Scheme Decoder

•    Python

---

BaseCrack is a tool written in Python that can decode all alphanumeric base encoding schemes. This tool can accept single user input, multiple inputs from a file, input from argument, multi-encoded bases, bases in image EXIF data, bases on images with OCR and decode them incredibly fast. Decode Base16, Base32, Base36, Base58, Base62, Base64, Base64Url, Base85, Ascii85, Base91, Base92 and more with the best base encoding scheme decoding tool in town. It's useful for CTFs, Bug Bounty Hunting, and Cryptography (NOTE: Base Encoding is not an "Encryption" hence it doesn't fall under the Cryptography category, it's useful as base scheme encoding are often used in cryptography tools/projects/challenges).

cryptography base64 tool decoder base32 base58 base16 decode infosec ctf capture-the-flag bugbounty base ctf-tools encoder-decoder decoders cryptography-tools decode-strings cryptography-project