Essential tools and reference materials for CTF competition
Industry-standard penetration testing distribution with hundreds of pre-installed security tools. Includes everything from network scanners to exploit frameworks, making it the go-to platform for CTF competitions.
Visit Kali LinuxProfessional web application security testing tool. Essential for web exploitation challenges, offering proxy interception, vulnerability scanning, and manual testing capabilities. Free Community Edition available.
Visit Burp SuiteFree reverse engineering framework developed by the NSA. Powerful disassembler and decompiler supporting multiple architectures. Excellent alternative to commercial tools like IDA Pro for binary analysis.
Visit GhidraIndustry-standard network protocol analyzer. Essential for network security and forensics challenges. Allows deep inspection of network traffic and supports hundreds of protocols with powerful filtering capabilities.
Visit WiresharkPython library for rapid exploit development. Simplifies interaction with binaries, network connections, and shellcode generation. Widely used in CTF competitions for binary exploitation challenges.
Visit pwntoolsWeb-based data manipulation tool for encryption, encoding, compression, and data analysis. Invaluable for cryptography and forensics challenges, offering hundreds of operations in a single interface.
Visit CyberChefAuthoritative list of the most critical web application security risks. Essential reading for web exploitation challenges. Provides detailed explanations, examples, and remediation strategies for common vulnerabilities.
Visit OWASPComprehensive archive of exploits and vulnerable software. Searchable database maintained by Offensive Security. Essential reference for finding proof-of-concept exploits and understanding vulnerability details.
Visit Exploit DBExcellent YouTube channel covering binary exploitation, reverse engineering, and CTF walkthroughs. Clear explanations and practical demonstrations make complex topics accessible to learners at all levels.
Visit LiveOverflowHigh-quality Hack The Box machine walkthroughs on YouTube. Detailed explanations of enumeration, exploitation, and privilege escalation techniques. Excellent for learning practical penetration testing methodology.
Visit IppSecComprehensive guide covering all major CTF categories with tools, techniques, and examples. Open-source resource maintained by the CTF community. Excellent starting point for understanding CTF challenges.
Visit CTF Field GuideReddit community focused on network security, penetration testing, and cybersecurity news. Active discussion of tools, techniques, and industry developments. Great place to ask questions and learn from experienced practitioners.
Visit r/netsecSpecialized platform focused on binary exploitation and reverse engineering challenges. Progressive difficulty from basic buffer overflows to advanced heap exploitation. Excellent for developing pwn skills.
Visit pwnable.krInteractive cryptography learning platform with challenges covering modern and classical cryptography. Learn by solving problems with immediate feedback. Covers everything from basic ciphers to advanced cryptographic protocols.
Visit CryptoHackFocused platform dedicated to teaching return-oriented programming. Progressive challenges from basic ROP to advanced techniques like SROP. Perfect for mastering ROP exploitation on x86 and x64 architectures.
Visit ROP EmporiumInteractive embedded security CTF focusing on MSP430 microcontroller exploitation. Learn assembly, reverse engineering, and exploitation in a unique embedded context. Excellent for understanding low-level security.
Visit MicroCorruption