Ctf
Explore 53 curated tools and resources
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Commercial
Resources
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Free
Resources
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Commercial
Application Security
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Commercial
Application Security
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
Commercial
Cloud Security
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Commercial
Application Security
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Commercial
Cloud Security
LATEST ADDITIONS
A compilation of Red Teaming resources including cheatsheets, notes, scripts, and practice platforms for cybersecurity learning and skill development.
A lightweight and portable Docker container for penetration testers and CTF players
Framework for creating jeopardy CTF challenges with configurable structure and efficient integration.
A non-commercial wargame site offering pwn challenges related to system exploitation with different difficulty levels.
A lightweight CTF platform inspired by motherfuckingwebsite.com with a focus on challenge difficulty.
Archive of information, tools, and references regarding CTF competitions.
A security dataset and CTF platform with full and attack-only versions pre-indexed for Splunk.
echoCTF is a computer security framework for running cybersecurity exercises and competitions like Capture the Flag, used for network penetration testing and security auditing.
A Docker image with tools for solving Steganography challenges and screening scripts for analyzing files.
A repository of CTF challenges and resources from various cybersecurity competitions.
Node package for preparing CTF events with OWASP Juice Shop challenges for popular CTF frameworks.
A free, safe, and legal training ground for ethical hackers to test and expand their skills
A tool for scraping CTF writeups from ctftime.org and organizing them for easy access.
A cheatsheet for understanding privilege escalation with examples, not for enumeration using Linux Commands.
A simple security capture the flag framework for running contests
An annual jeopardy-style capture-the-flag contest with challenges related to cybersecurity.
A CTF platform inspired by motherfuckingwebsite.com, emphasizing simplicity and lightweight features.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
Collection of CTF writeups from September 2018 onwards, including various CTFs and HackTheBox.
SecGen creates vulnerable virtual machines and hacking challenges for learning security penetration testing techniques.
CTF toolkit for rapid exploit development and prototyping.
Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.
A collection of CTF source files and write-ups that anyone can contribute to
A write-up of the reverse engineering challenge from the 2019 BambooFox CTF competition
Security cheatsheets to aid penetration testers and security enthusiasts in remembering useful but not frequently used commands.
Stay updated on Gh0st Networks lab activities, CTF challenges, and join the slack team for support.
Platform for hosting Jeopardy and 'King of the Hill' style Capture the Flag competitions.
Platform for users to test cybersecurity skills by exploiting vulnerabilities.
A Capture The Flag (CTF) platform for testing computer security skills
Blue-team capture the flag competition for improving cybersecurity skills.
A repository of CTF source files and write-ups for CTFs from 2014, allowing contributions and corrections.
A comprehensive and immersive 13-week course by NYU Tandon's OSIRIS Lab introducing students to offensive security with practical applications and research projects.
Real-time capture the flag (CTF) scoring engine for computer wargames with a fun game-like environment for learning cybersecurity skills.
A sample security dataset and CTF platform for information security professionals, researchers, students, and enthusiasts.
A collection of CTF source files and write-ups that anyone can contribute to.
A repository of CTF source files and write-ups from 2015, addressing common issues in CTF write-ups.
Scoring server for Cyber Capture the Flag events with a focus on problem modification and hint offerings.
A deliberately weak and insecure implementation of GraphQL for testing and practicing GraphQL security
A live archive of DEF CON CTF challenges, vulnerable by design, for hackers to play safely.
CTFd is a Capture The Flag framework with extensive features for creating and managing CTF competitions.
Insights on Red Teaming for Pacific Rim CCDC 2016 competition, focusing on preparation, operations plan, and automation.
Cross-site scripting labs for web application security enthusiasts
A collection of write-ups from Capture The Flag hacking competitions
A collection of writeups of CTF challenges I solved, including explanations of the challenges and how I solved them.
Detailed explanations of steps taken to solve challenges in Capture The Flag competitions.
A low-interaction honeypot that logs IP addresses, usernames, and passwords used by clients connecting via SSH, primarily used for gathering intelligence on brute force attacks.
Educational CTF-styled challenges for Memory Forensics.
A cybersecurity challenge where you play the role of an incident response consultant investigating an intrusion at Precision Widgets of North Dakota.
