Une liste d'outils à utiliser dans nos CTFs
- Burpsuite (intercept proxy): https://portswigger.net/burp/
- Firebug (javascript debugger): https://addons.mozilla.org/en-US/firefox/addon/firebug/
- http request inspection : https://requestb.in/
- Hopper Dissasembler (tool used to analyze a binary file's source code): https://www.hopperapp.com/download.html
- .NET deobfuscator and unpacker : https://github.com/0xd4d/de4dot
- .NET decompiler : https://www.jetbrains.com/decompiler/
- C++ decompiler : https://github.com/yegord/snowman
- Python decompiler : https://github.com/wibiti/uncompyle2
- Experimental program showing what software do : https://github.com/p-e-w/maybe
- Windows debugger with kernel driver to bypass most anti-reverse tech : http://www.cheatengine.org/
- Unfashionable one click to pwn tool : http://www.fastandeasyhacking.com/
- Classic https stripping for MITM : https://moxie.org/software/sslstrip/
- Arpspoofing : https://linux.die.net/man/8/arpspoof
- Nifty tool to enumerate domain name : https://github.com/darkoperator/dnsrecon (rtfm and use -g)
- Doitall recon : https://github.com/1N3/Sn1per
- Webapp frameworks enumeration : https://wappalyzer.com/
- Nmap with a GUI : https://nmap.org/zenmap/
- John The Ripper (Password cracker): http://www.openwall.com/john/
- hashcat (Password Cracker w/ GPGPU support): https://hashcat.net/hashcat/
- when wolframalpha is not enough : http://www.sagemath.org/index.html
- when you have many number you know should have a relationship but you don't know which : https://oeis.org/
- wxHexEditor (an hexadecimal editor to view hidden code in files): http://www.wxhexeditor.org/
- xmount (mounts .E01 files): https://www.scribd.com/doc/102289586/Mounting-E01-images-of-Physical-Disks-in-Linux-Ubuntu-12-04
- pdfinfo(a tool to view information in a pdf file)
- quick check for photo alterations (w/ compression analysis) : http://fotoforensics.com/
- Best font for extended reversing (or how to stay sane) : https://github.com/adobe-fonts/source-code-pro
- Best libre diff tool : http://kdiff3.sourceforge.net/
- For all your conversion needs : https://kt.pe/tools.html#conv/
- API for getting info about ip/location : https://ifconfig.co/