Tools

Here is a list of tools used by the pony7 team during security contests.

A lot of tools are used to reverse and exploit a binary.

The tools we use to reverse a binary:

• GDB, the GNU Debugger. Mostly used to run a program step by step.
• gdb-peda, a python exploit development assistance for GDB. It improves a lot gdb, especially by showing you the values pointed by addresses in registers or on the stack.
• objdump and readelf, programs to display information about executables.
• strace, a program that prints all system calls.
• ltrace is similar to strace, but it prints all dynamic library calls.
• IDA Pro, a disassembler and debugger. The awesome decompiler can give you a pseudocode of the binary.
• angr, a python framework for analyzing binaries. It focuses on both static and dynamic symbolic analysis, making it applicable to a variety of tasks.

Then, we have tools to write exploits. These are tools to launch a process or open a socket, and craft shellcodes or ROP chains:

• pwntools (python2) and python3-pwntools (python3): a CTF framework and exploit development library in python.
• Metasploit, a penetration testing software. Mostly used in the team to automatically generate shellcodes.
• python-formatstring, a library to exploit format string vulnerabilities in python
• nasm, an assembler for x86 and amd64.
• ropper, a tool to find gadgets to write ROP chains

• python hashlib, a library that implements common hash functions in python.
• pycrypto, a library that implements symmetric/asymmetric key encryption in python. This tool is not maintained anymore, and has vulnerabilities so don't use it in production.
• dcode.fr, a website that has great tools to decode ceasar cipher, vigenère cipher and others.
• hash_extender, a tool to perform hash length extension attacks. It supports common hash functions.
• pkcrack, a tool to perform known plaintext attacks on zip files. Don't forget to send a postcard to the author if you like it.

• wireshark, the well known network protocol analyzer.
• volatility, a memory forensics framework for incident response and malware analysis.
• foremost, a tool to extract embedded media files.

• jsbeautifier, a tool to beautify/deobfuscate javascript.
• jpexs flash decompiler, a flash decompiler.
• jjencode, to encode/decode javascript using symbols only.

• python requests, a library to craft http requests in python.
• DirBuster, a multi threaded java application designed to brute force directories and files names.
• tamper data, a firefox plugin to modify HTTP requests directly in your browser.
• Burp Suite, an integrated platform for performing security testing of web applications.
• sqlmap, the best tool to perform automatic SQL injections.
• wapiti, a vulnerability scanner in python.
• hoppscotch.io, a web app that does the same thing as curl and postman

• john the ripper, a password cracker.
• hashcat, another password cracker.