Leaderboard

Interesanta aceasta chestie. Vreau sa fac un tutorial mai detaliat pe forum despre cum se exploateaza

ctf-tools This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. Installers for the following tools are included: Category Tool Description binary afl State-of-the-art fuzzer. binary angr Next-generation binary analysis engine from Shellphish. binary barf Binary Analysis and Reverse-engineering Framework. binary bindead A static analysis tool for binaries. binary checksec Check binary hardening settings. binary codereason Semantic Binary Code Analysis Framework. binary crosstool-ng Cross-compilers and cross-architecture tools. binary cross2 A set of cross-compilation tools from a Japanese book on C. binary elfkickers A set of utilities for working with ELF files. binary elfparser Quickly determine the capabilities of an ELF binary through static analysis. binary evilize Tool to create MD5 colliding binaries binary gdb Up-to-date gdb with python2 bindings. binary gef Enhanced environment for gdb. binary hongfuzz A general-purpose, easy-to-use fuzzer with interesting analysis options. binary libheap gdb python library for examining the glibc heap (ptmalloc) binary panda Platform for Architecture-Neutral Dynamic Analysis. binary pathgrind Path-based, symbolically-assisted fuzzer. binary peda Enhanced environment for gdb. binary preeny A collection of helpful preloads (compiled for many architectures!). binary pwndbg Enhanced environment for gdb. Especially for pwning. binary pwntools Useful CTF utilities. binary python-pin Python bindings for pin. binary qemu Latest version of qemu! binary qira Parallel, timeless debugger. binary radare2 Some crazy thing crowell likes. binary ropper Another gadget finder. binary rp++ Another gadget finder. binary shellnoob Shellcode writing helper. binary shellsploit Shellcode development kit. binary snowman Cross-architecture decompiler. binary taintgrind A valgrind taint analysis tool. binary villoc Visualization of heap operations. binary virtualsocket A nice library to interact with binaries. binary wcc The Witchcraft Compiler Collection is a collection of compilation tools to perform binary black magic on the GNU/Linux and other POSIX platforms. binary xrop Gadget finder. forensics binwalk Firmware (and arbitrary file) analysis tool. forensics dislocker Tool for reading Bitlocker encrypted partitions. forensics exetractor Unpacker for packed Python executables. Supports PyInstaller and py2exe. forensics firmware-mod-kit Tools for firmware packing/unpacking. forensics pdf-parser Tool for digging in PDF files forensics peepdf Powerful Python tool to analyze PDF documents. forensics scrdec A decoder for encoded Windows Scripts. forensics testdisk Testdisk and photorec for file recovery. crypto cribdrag Interactive crib dragging tool (for crypto). crypto foresight A tool for predicting the output of random number generators. To run, launch "foresee". crypto featherduster An automated, modular cryptanalysis tool. crypto hashkill Hash cracker. crypto hashpump A tool for performing hash length extension attaacks. crypto hashpump-partialhash Hashpump, supporting partially-unknown hashes. crypto hash-identifier Simple hash algorithm identifier. crypto littleblackbox Database of private SSL/SSH keys for embedded devices. crypto msieve Msieve is a C library implementing a suite of algorithms to factor large integers. crypto pemcrack SSL PEM file cracker. crypto pkcrack PkZip encryption cracker. crypto python-paddingoracle Padding oracle attack automation. crypto reveng CRC finder. crypto ssh_decoder A tool for decoding ssh traffic. You will need ruby1.8 from https://launchpad.net/~brightbox/+archive/ubuntu/ruby-ng to run this. Run with ssh_decoder --help for help, as running it with no arguments causes it to crash. crypto sslsplit SSL/TLS MITM. crypto xortool XOR analysis tool. crypto yafu Automated integer factorization. web burpsuite Web proxy to do naughty web stuff. web commix Command injection and exploitation tool. web dirb Web path scanner. web dirsearch Web path scanner. web mitmproxy CLI Web proxy and python library. web sqlmap SQL injection automation engine. web subbrute A DNS meta-query spider that enumerates DNS records, and subdomains. stego sound-visualizer Audio file visualization. stego steganabara Another image steganography solver. stego stegdetect Steganography detection/breaking tool. stego stegsolve Image steganography solver. stego zsteg detect stegano-hidden data in PNG & BMP. android apktool Dissect, dis-assemble, and re-pack Android APKs android android-sdk The android SDK (adb, emulator, etc). misc z3 Theorem prover from Microsoft Research. misc jdgui Java decompiler. misc veles Binary data analysis and visulalization tool. Sursa: https://github.com/zardus/ctf-tools

Testing

< .I. > "<stim ca/ma-ta-i grasa=alert('testingboss suge pula')>"

Pentru ce jignirile?