#Ctf
Showing 60 of 1204 repositories tagged #ctf, ranked by stars
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
A collection of hacking / penetration testing resources to make you better!
CTF framework and exploit development library
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
A curated list of CTF frameworks, libraries, resources and softwares
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy
Come and join us, we need you!
GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux
CTFs as you need them
Platform to host Capture the Flag competitions
Monitor linux processes without root permissions
Course materials for Modern Binary Exploitation by RPISEC
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Google CTF
CTF竞赛权威指南
【Hello CTF】题目配套,免费开源的CTF入门教程,针对0基础新手编写,同时兼顾信息差的填补,对各阶段的CTFer都友好的开源教程,致力于CTF和网络安全的开源生态!
Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)
Snoop — инструмент разведки на основе открытых данных (OSINT world)
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Automatic SSRF fuzzer and exploitation tool
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Fully featured and community-driven hacking environment
Web CTF CheatSheet 🐈
Agent skills for solving CTF challenges - web exploitation, binary pwn, crypto, reverse engineering, forensics, OSINT, and more
CTF challenge (mostly pwn) files, scripts etc
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
The best tool for finding one gadget RCE in libc.so.6
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
Venom - A Multi-hop Proxy for Penetration Testers
Wiki-like CTF write-ups repository, maintained by the community. 2017
红/蓝队环境自动化部署工具 | Red/Blue team environment automation deployment tool
The next-generation CTF Swiss Army Knife powered by Rust & Tauri. Features a visual node-based workflow and local AI intelligence for extreme performance and automation.China's first CTFTools framework.
OFRAK: unpack, modify, and repack binaries.
Writeups for HacktheBox 'boot2root' machines
跨平台密码学工具箱。包含编解码,编码转换,加解密, 哈希,MAC,签名,大数运算,压缩,二维码功能,CTF等功能。
基于 AI Agent + MCP 工具链 + 渗透 Skill 编排, 配合大语言模型, 自然语言输入 → 自动完成「信息收集 → 漏洞发现 → 漏洞利用 → 报告生成」全流程。
Turn Claude Code into your offensive security research assistant. Specialized AI subagents for authorized penetration testing plan engagements, analyze recon, research exploits, build detections, audit STIGs, and write reports.
A AI general-purpose state-space search engine, validated first on autonomous penetration testing.
Penelope Shell Handler
Educational, CTF-styled labs for individuals interested in Memory Forensics
Build a database of libc offsets to simplify exploitation
Ctf solutions from p4 team
Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Effective.
Macro-header for compile-time C obfuscation (tcc, win x86/x64)
基于Memprocfs和Volatility的可视化内存取证工具
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
各种安全相关思维导图整理收集。渗透步骤,web安全,CTF,业务安全,人工智能,区块链安全,数据安全,安全开发,无线安全,社会工程学,二进制安全,移动安全,红蓝对抗,运维安全,风控安全,linux安全
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). 支持多种加密算法或直接执行JS代码的用于爆破前端加密的BurpSuite插件
Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenges from CTFs
A curated list of awesome privilege escalation
Everything for pentest. | 渗透测试知识库,以 AI Agent 可执行的格式沉淀安全方法论。
The GZ::CTF project, an open source CTF platform.
A collection of essential and foundational cybersecurity knowledge, thoughtfully organized for easy comprehension.