├── .gitignore
├── .travis.yml
└── README.md

/.gitignore:
--------------------------------------------------------------------------------

# Created by https://www.gitignore.io/api/linux,emacs,vim,osx,windows

### Linux ###
*~

# temporary files which can be created if a process still has a handle open of a deleted file
.fuse_hidden*

# KDE directory preferences
.directory

# Linux trash folder which might appear on any partition or disk
.Trash-*


### Emacs ###
# -*- mode: gitignore; -*-
*~
\#*\#
/.emacs.desktop
/.emacs.desktop.lock
*.elc
auto-save-list
tramp
.\#*

# Org-mode
.org-id-locations
*_archive

# flymake-mode
*_flymake.*

# eshell files
/eshell/history
/eshell/lastdir

# elpa packages
/elpa/

# reftex files
*.rel

# AUCTeX auto folder
/auto/

# cask packages
.cask/
dist/

# Flycheck
flycheck_*.el

# server auth directory
/server/

# projectiles files
.projectile

### Vim ###
# swap
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
# session
Session.vim
# temporary
.netrwhist
*~
# auto-generated tag files
tags


### OSX ###
*.DS_Store
.AppleDouble
.LSOverride

# Icon must end with two \r
Icon


# Thumbnails
._*

# Files that might appear in the root of a volume
.DocumentRevisions-V100
.fseventsd
.Spotlight-V100
.TemporaryItems
.Trashes
.VolumeIcon.icns
.com.apple.timemachine.donotpresent

# Directories potentially created on remote AFP share
.AppleDB
.AppleDesktop
Network Trash Folder
Temporary Items
.apdisk


### Windows ###
# Windows image file caches
Thumbs.db
ehthumbs.db

# Folder config file
Desktop.ini

# Recycle Bin used on file shares
$RECYCLE.BIN/

# Windows Installer files
*.cab
*.msi
*.msm
*.msp

# Windows shortcuts
*.lnk

--------------------------------------------------------------------------------
/.travis.yml:
--------------------------------------------------------------------------------
language: ruby
rvm:
  - 2.2
before_script:
  - gem install awesome_bot
script:
  - awesome_bot README.md
notifications:
  email: false

--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
# Tools

> Tools of the trade

## General

+ Good Linux machine or VM, either via VMware, VirtualBox, or Vagrant - would suggest Ubuntu 14.04 LTS
+ Python (both 2.7 and 3)
+ Hex editor (ghex recommended)

## Binary exploitation/reversing

+ [IDA](https://www.hex-rays.com/products/ida/index.shtml) (Demo, if not Pro)
+ [gdb](https://www.gnu.org/software/gdb/)
+ [PEDA](https://github.com/longld/peda) - makes gdb far more usable
+ [qira](http://qira.me/) - if you can get it to work & understand it
+ [checksec](https://github.com/slimm609/checksec.sh) - PEDA can give the same info though
+ [pwntools](https://pwntools.readthedocs.io/en/stable/) - makes pwning easier
+ [radare2](https://github.com/radare/radare2) - reverse engineering framework
+ [angr](https://github.com/angr/angr) - a binary analysis framework with a great symbolic execution engine
+ [fupy](https://github.com/gdelugre/fupy) - fast and dirty Python decompiler
+ [JD-GUI](https://github.com/java-decompiler/jd-gui) - Java decompiler
+ [Java Decompilers](http://www.javadecompilers.com) - online decompiler for Java and Android APKs
+ [syms2elf](https://github.com/danigargu/syms2elf) - a plugin for Hex-Rays' IDA Pro and radare2 to export the recognized symbols to the ELF symbol table

## Cryptography

+ [Rumkin ciphers](http://rumkin.com/tools/cipher/) - multiple (ancient) crypto stuff
+ [quipqiup](https://quipqiup.com/) - solving cryptograms
+ [xortool](https://github.com/hellman/xortool) - solving multi-byte XOR ciphers
+ [rsatool](https://github.com/ius/rsatool) - to calculate RSA params
+ [featherduster](https://github.com/nccgroup/featherduster) - an automated, modular cryptanalysis tool
+ [attackrsa](https://github.com/rk700/attackrsa) - an all-in-one tool including many common attacks against RSA problems in CTF
+ [RsaCTFtool](https://github.com/sourcekris/RsaCtfTool) - an automated tool to crack RSA public keys using various standard techniques
+ [Untwister](https://github.com/altf4/untwister) - a seed recovery tool for various PRNGs

## Forensics

+ [Foremost](http://foremost.sourceforge.net/) - recover hidden files
+ [Binwalk](https://github.com/ReFirmLabs/binwalk) - find offsets of files which are concatenated contiguously
+ [Autopsy](https://github.com/sleuthkit/autopsy) - find deleted files from hard disk dumps
+ [Wireshark](https://www.wireshark.org/) - analyze network captures
+ [Stegsolve](http://www.ww.caesum.com/handbook/Stegsolve.jar)
+ [Cloudshark](https://www.cloudshark.org) - analyze network captures online
+ [John The Ripper](http://www.openwall.com/john/) - password cracking tool
+ [Stegosaurus](https://bitbucket.org/jherron/stegosaurus/src) - tool that allows embedding arbitrary payloads in Python bytecode (pyc or pyo) files

## Web exploitation

+ [GitTools](https://github.com/internetwache/GitTools) - downloads exposed .git repos of vulnerable websites
+ [SQLMap](https://github.com/sqlmapproject/sqlmap) - automated SQL injection
+ [Hackbar](https://addons.mozilla.org/en-US/firefox/addon/hackbar/) - indispensable add-on for web exploitation in Firefox
+ [CookieManager](https://addons.mozilla.org/en-US/firefox/addon/cookies-manager-plus/) - add-on for Firefox
+ [Postman](https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en) - add-on for Chrome
+ [requests](https://github.com/requests/requests) - Python library used for sending HTTP requests
+ [Wfuzz](http://www.edge-security.com/wfuzz.php) - to detect directories and pages on the server using common wordlists
+ [XSS Payloads](https://github.com/nettitude/xss_payloads)

--------------------------------------------------------------------------------