Tools

1. Cryptography

  • CyberChef: A tool for encoding, decoding, and performing cryptographic operations.
  • Hashcat & John the Ripper: Password-cracking tools useful for hash challenges.
  • RSACTFTool: Specializes in breaking weak RSA encryption.
  • OpenSSL: A versatile tool for encryption, decryption, and certificate management.

2. Forensics

  • Autopsy & Sleuth Kit: Comprehensive digital forensics platforms for file analysis and recovery.
  • Binwalk: Extracts and analyzes firmware and binary files.
  • ExifTool: Extracts metadata from files, useful for examining hidden data in images.
  • Volatility: A memory analysis tool for exploring memory dumps.
  • Metadata2Go: Useful for examining metadata in image files to detect clues, such as GPS coordinates or camera details, that might reveal hidden information.

3. Binary Exploitation

  • Ghidra & Radare2: Advanced reverse engineering tools for analyzing binary files.
  • GDB (GNU Debugger): Essential for debugging and examining binaries in real time.
  • pwntools: A Python library that simplifies exploit development.
  • ROPgadget: Helps find "Return-Oriented Programming" (ROP) gadgets within binaries for crafting exploits.

4. Reverse Engineering

  • IDA Free & Ghidra: Powerful disassemblers for analyzing executable files.
  • Hopper: A reverse engineering tool for decompiling binaries, useful for beginners.
  • Radare2: Open-source framework for reverse engineering and binary manipulation.
  • strings: Extracts readable strings from binary files to find clues or hints.

5. Web Exploitation

  • Burp Suite Community Edition: A web proxy and scanner for inspecting HTTP requests.
  • sqlmap: An automated SQL injection tool.
  • Nikto: A web server scanner that identifies vulnerabilities and misconfigurations.
  • Gobuster or Dirbuster: Directory brute-forcers for discovering hidden directories or files.

6. Networking / Traffic Analysis

  • Wireshark: Analyzes packet captures, crucial for identifying network traffic patterns.
  • Tcpdump: Command-line tool for capturing network packets.
  • NetworkMiner: A network forensics tool for analyzing packet captures.
  • Scapy: A Python library for network packet manipulation and analysis.

7. Steganography

  • Steghide: A tool for hiding or extracting data from images and audio files.
  • OpenStego: A free, open-source tool for embedding hidden messages within image files, as well as extracting them.
  • zsteg: A tool for detecting hidden data in PNG and BMP files.
  • Outguess: Another steganography tool commonly used for embedding data in images.

8. OSINT (Open Source Intelligence)

  • Maltego: Visual link analysis tool for mapping relationships and connections.
  • theHarvester: A tool for gathering information on domains, emails, IPs, and URLs.
  • Recon-ng: A full-featured web reconnaissance framework.
  • Google Dorks: Leveraging Google search with operators such as inurl, intitle, and others.

*Some sites appear in multiple categories, indicating that they offer resources across various topics.