ctf-tools
This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. The install-scripts for these tools are checked regularly, the results can be found on the build status page. Installers for the following tools are included: - afl: State-of-the-art fuzzer. - angr: Next-generation binary analysis engine from Shellphish. - barf: Binary Analysis and Reverse-engineering Framework. - bindead: A static analysis tool for binaries. - capstone: Multi-architecture disassembly framework. - checksec: Check binary hardening settings. - codereason: Semantic Binary Code Analysis Framework. - crosstool-ng: Cross-compilers and cross-architecture tools. - cross2: A set of cross-compilation tools from a Japanese book on C. - elfkickers: A set of utilities for working with ELF files. - elfparser: Quickly determine the capabilities of an ELF bin
FEATURES
ALTERNATIVES
A security framework for process isolation and sandboxing based on capability-based security principles.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
Porting GNU/Linux userland tools to the bionic/Linux userland of Android to provide access to the audit stream for Android applications with minimal overhead.
SerpApi is a Google Search API that allows you to scrape Google and other search engines with ease.
Interactive computational environment for code execution, text, and media combination.
PLC-side fuzzing tool for uncovering vulnerabilities in ICS control applications.
Vim syntax-highlighting plugin for YARA rules with support up to v4.3.
A tool to extract links from responses and filter them via decoding/sorting
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.