Différences

Ci-dessous, les différences entre deux révisions de la page.

Lien vers cette vue comparative

Les deux révisions précédentes Révision précédente
Prochaine révision
Révision précédente
ctf:public:tools [2016/10/15 22:16]
arthaum
ctf:public:tools [2020/11/07 19:26] (Version actuelle)
benaimg hoppscotch
Ligne 24: Ligne 24:
   * [[https://github.com/arthaud/formatstring|python-formatstring]], a library to exploit format string vulnerabilities in python   * [[https://github.com/arthaud/formatstring|python-formatstring]], a library to exploit format string vulnerabilities in python
   * [[http://www.nasm.us/|nasm]], an assembler for x86 and amd64.   * [[http://www.nasm.us/|nasm]], an assembler for x86 and amd64.
 +  * [[https://github.com/sashs/Ropper|ropper]], a tool to find gadgets to write ROP chains
  
 ===== Cryptography ===== ===== Cryptography =====
Ligne 41: Ligne 42:
 ===== Web ===== ===== Web =====
  
-  * [[http://jsbeautifier.org/|jsbeautifier]], to help you deobfuscate javascript +==== Client Side ==== 
-  * [[https://www.free-decompiler.com/flash/|jpexs flash decompiler]], a flash decompiler + 
-  * [[http://docs.python-requests.org/en/master/|python requests]], a library to craft http requests in python+  * [[http://jsbeautifier.org/|jsbeautifier]], a tool to beautify/deobfuscate javascript. 
 +  * [[https://www.free-decompiler.com/flash/|jpexs flash decompiler]], a flash decompiler
 +  * [[http://utf-8.jp/public/jjencode.html|jjencode]], to encode/decode javascript using symbols only. 
 + 
 +==== Server side ==== 
 + 
 +  * [[http://docs.python-requests.org/en/master/|python requests]], a library to craft http requests in python.
   * [[https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project|DirBuster]], a multi threaded java application designed to brute force directories and files names.   * [[https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project|DirBuster]], a multi threaded java application designed to brute force directories and files names.
   * [[https://addons.mozilla.org/en-US/firefox/addon/tamper-data/|tamper data]], a firefox plugin to modify HTTP requests directly in your browser.   * [[https://addons.mozilla.org/en-US/firefox/addon/tamper-data/|tamper data]], a firefox plugin to modify HTTP requests directly in your browser.
   * [[https://portswigger.net/burp/|Burp Suite]], an integrated platform for performing security testing of web applications.   * [[https://portswigger.net/burp/|Burp Suite]], an integrated platform for performing security testing of web applications.
 +  * [[http://sqlmap.org/|sqlmap]], the best tool to perform automatic SQL injections.
 +  * [[http://wapiti.sourceforge.net/|wapiti]], a vulnerability scanner in python.
 +  * [[https://hoppscotch.io/ |hoppscotch.io]], a web app that does the same thing as curl and postman
 +===== Miscellaneous =====
  
 +  * [[http://www.openwall.com/john/|john the ripper]], a password cracker.
 +  * [[https://hashcat.net/hashcat/|hashcat]], another password cracker.