References for various tools or resources for playing CTF's or conducting pentests
- ghidra | Reverse Engineering Framework
- gdb | Gnu Debugger for binaries
- radare2 | Dynamic Binary Analysis
- Imhex | Hex Editor especially for Reversing
- strings | Extract all strings from a file
- metasploit | Exploit Toolkit
- searchsploit / exploitdb | Let's you search exploit db in the command line
- sqlmap | Exploit tool for sql injection.
- gobuster | Path / Folder enumeration in URL's
- Burp Suite (Free Community Edition) | Web Proxy
- Zap | Web Proxy
- CeWL | Custom Wordlist Generator
- ffuf | Enumeration Tool for URL's
- hydra | Bruteforce Tool
- Wireshark | Network Packet Analyzer / Listener
- Netcat | Commandlinetool to interact with services
- Swaks | Tool to interact with SMTP
- nmap | classic port scanner
- plink.exe | can be used to port forward on windows machines
- chisel | network pivoting tool
- perl-image-exiftool | Tool to view metadata of images
- foremost | Let's you extract hidden data from a file
- imagemagick | Similar to exiftool. Let's you view image meta data
- stegextract | Extracts hidden information in images
- stegsolve | Similar to stegextract, extract hidden information in images
- stegoveritas | Tool for stego does a lot
- binwalk | Extracting Files in another File
- imgclip | Extracts text from image
- tldr | Better man pages / short intro to the command and examples
- sqsh | Client for MSSQL
- beam | OpenVPN File Manager
- john (John The Ripper) | Password Cracker
- hashcat | Password Cracker
- hashid | Hash Identifier
- Volatility | Memory Forensic Tool
- Webhooks | Web-based application to capture incoming requests
- Debuggex | Reggex Viewer
- ngrok | Tool for hosting a local port to the outside (still need to check to out)
- Impacket | Network Toolkit in Python
- PowerView | Tool for interacting with Active Directory
To see some useful tricks and tips see tips.md