Capture The Flag (CTF) Field Guide

|---[ CTF Schedules / Primers / Tool Lists ]

[CTFtime.org - All about CTF (Capture The Flag)] :: (https://ctftime.org/)
[securityCTF - CTF Announcements] :: (https://www.reddit.com/r/securityCTF/)
[CTF Field Guide] :: (https://github.com/trailofbits/ctf)
[CSC Learn - CTF Instructions] :: (https://bobbyluig.gitbooks.io/csc-learn/)
[Square CTF Tips] :: (http://squarectf.com/tips.html)
[Awesome CTF] :: (https://github.com/apsdehal/awesome-ctf/)
[CTF Candy] :: (https://github.com/flawwan/CTF-Candy)
[CTF-Katana] :: (https://github.com/JohnHammond/ctf-katana/)
[G0tmi1k's Blog - How to Guides, Scripts and Videos] :: (https://blog.g0tmi1k.com/)
[NeverEnding Security CTF Field Guide] :: (https://neverendingsecurity.wordpress.com/2015/04/20/ctf-field-guide/)
[Host/Network Security Wiki] :: (https://github.com/osirislab/Project-Ideas/wiki)
[Vagrant CTF Box] :: (https://github.com/wuntee/vagrant-ctf/)
[Vagrant CTF Box 64-bit] :: (https://github.com/ctfhacker/ctf-vagrant-64)
[CTF Tool Lists] :: (https://github.com/zardus/ctf-tools)
[CTF Tool Downloads] :: (https://github.com/MrMugiwara/CTF-Tools)
[NeverLAN CTF Resources] :: (https://neverlanctf.com/resources)
[CTF Resources - Go. Hunt. Cap Flags.] :: (https://www.doyler.net/security-not-included/ctf-resources)
[CTFTime Write-ups Link Builder] :: (https://github.com/mzfr/lswriteups)

|---[ Hacking Challenges / Vulnerable Systems / Practice CTFs ]

[Hack The Box - The #1 Cybersecurity Performance Center] :: (https://www.hackthebox.com/)
[Hacking-Lab.com] :: (https://hacking-lab.com/)
[Hack This Site - Training ground for hackers] :: (https://www.hackthissite.org/)
[Root Me - Hacking and Information Security learning platform] :: (https://www.root-me.org/)
[TryHackMe - A free online platform using hands-on exercises and labs through your browser] :: (https://tryhackme.com)
[Backdoor - Security Platform by SDSLabs] :: (https://backdoor.sdslabs.co/)
[Crackmes - Reverse Engineering Challenges] :: (https://crackmes.one/)
[CryptoHack - Fun cryptography challenges] :: (https://cryptohack.org/)
[SmashTheStack - A variety of wargames maintained by the SmashTheStack Community] :: (http://smashthestack.org/)
[Hacker101- CTF from HackerOne] :: (https://www.hacker101.com/)
[VulnHub - Vulnerable By Design] :: (https://www.vulnhub.com/)
[MicroCorruption - Embedded Security CTF] :: (https://microcorruption.com/login)
[Slavehack 2 - Online Hacking Game] :: (https://www.slavehack2.com/)
[s0urce.io - The Hacking Game] :: (http://s0urce.io/)
[OverTheWire - Wargames] :: (http://overthewire.org/wargames/)
[NightHawk CTF] :: (https://ctf.nihwk.net/)
[CSAW 365 CTF] :: (https://365.csaw.io/)
[XCTF Training Portal] :: (http://oj.xctf.org.cn/web/practice/)
[try2hack - Security-Oriented Challenges] :: (http://www.try2hack.nl/)
[picoCTF - Computer Security Game] :: (https://picoctf.com/)
[CTFS.ME - Learn CTF] :: (https://ctfs.me/)
[The Journey Begins] :: (http://gracker.org)
[echoCTF.RED - Online CTF with a variety of targets to attack] :: (https://echoctf.red/)
[Exploit Exercises - Variety of VMs to learn variety of computer security issues] :: (https://exploit-exercises.lains.space/)
[Exploit.Education - Variety of VMs to learn variety of computer security issues] :: (http://exploit.education)
[Hone Your Ninja Skills - Web challenges starting from basic ones] :: (https://honeyourskills.ninja/)
[Over The Wire - Wargame maintained by OvertheWire Community] :: (http://overthewire.org/wargames/)
[IO - Wargame for binary challenges] :: (http://io.netgarage.org/)
[Microcorruption - Embedded security CTF] :: (https://microcorruption.com)
[PWN Challenge - Binary Exploitation Wargame] :: (http://pwn.eonew.cn/)
[Pwnable.kr - Pwn Game] :: (http://pwnable.kr/)
[Pwnable.tw - Binary wargame] :: (https://pwnable.tw/)
[Pwnable.xyz - Binary Exploitation Wargame] :: (https://pwnable.xyz/)
[Reversin.kr - Reversing challenge] :: (http://reversing.kr/)
[Ringzer0Team - Ringzer0 Team Online CTF] :: (https://ringzer0team.com/)
[ROP Wargames - ROP Wargames] :: (https://github.com/xelenonz/game)
[Viblo CTF - Various amazing CTF challenges, in many different categories] :: (https://ctf.viblo.asia)
[W3Challs - A penetration testing training platform offering computer challenges in various categories] :: (https://w3challs.com)
[WebHacking - Hacking challenges for web] :: (http://webhacking.kr)

|---[ CTF Platforms ]

|---[ Time Zone Information ]

[Time Zone Converter] :: (https://savvytime.com/converter)
[Time Zone Map] :: (https://www.timeanddate.com/time/map/)
[Time Zone Abbreviations] :: (https://www.timeanddate.com/time/zones/)

|---[ Notes / Files ]

[PrivateBin] :: (https://paste.ccc.ac/)
[Paste-Bin Ubuntu] :: (https://paste.ubuntu.com/)
[ProtectedText - Encrypted notes, access anywhere] :: (https://www.protectedtext.com)
[Edit Pad - Online Text Editor & Wordpad for Notes] :: (http://www.editpad.org/)
[DropMeFiles - One-click File Sharing Service] :: (https://dropmefiles.com)

|---[ Communication Servers ]

[Team Collaboration (Messaging, File Sharing)] :: (https://slack.com/)
[Team Collaboration (Project Management)] :: (https://trello.com/)
[Discord (Voice & Text Chat)] :: (https://discordapp.com/login)
[Freenode Webchat IRC] :: (https://webchat.freenode.net/)
[Kiwi IRC] :: (https://kiwiirc.com/client)
[Discover Discord Servers] :: (https://disboard.org/)

|---[ Music / Streaming ]

[Mixcloud - Making Radio Better] :: (https://www.mixcloud.com/)

|---[ Reconnaissance ]

[ReqBin Online Curl] :: (https://reqbin.com/curl/)
[CURL Converter] :: (https://curlconverter.com/)
[Online WGET Tool] :: (https://wget.alanreed.org/)
[Network-Tools] :: (http://network-tools.com/)
[MXToolbox] :: (https://mxtoolbox.com/NetworkTools.aspx)
[CentralOps] :: (http://centralops.net/co/)
[UltraTools] :: (https://www.ultratools.com/)
[PolySwarm - Scan URLs for threats] :: (https://polyswarm.io/)
[URLVoid] :: (http://www.urlvoid.com/)
[URL Scan] :: (https://urlscan.io/)
[URLQuery] :: (http://urlquery.net/)
[URL Parser / Query String Splitter] :: (https://www.freeformatter.com/url-parser-query-string-splitter.html)
[ScanURL] :: (http://scanurl.net/)
[Web-Sniffer] :: (http://web-sniffer.net/)
[Safeweb (Norton)] :: (https://safeweb.norton.com/)
[Lookup IP Address Location (IPv4/IPv6)] :: (http://whatismyipaddress.com/ip-lookup)
[IPVoid] :: (http://www.ipvoid.com/)
[ToolsVoid] :: (http://www.toolsvoid.com/)
[SecurityTrails - Extensive DNS data] :: (https://securitytrails.com/)
[DNSDumpster - Search DNS records] :: (https://dnsdumpster.com/)
[DNS Stuff] :: (http://www.dnsstuff.com/tools)
[DNS Goodies] :: (http://dnsgoodies.com/)
[RobTex] :: (https://www.robtex.net/)
[Metre.net] :: (http://metre.net/)
[Open Source Intelligence (OSINT)] :: (https://inteltechniques.com/menu.html)
[LeakIX - Search publicly indexed information] :: (https://leakix.net/)
[Hunter.io (Email Hunter)] :: (https://hunter.io/)
[DorkSearch - Google Dorking] :: (https://dorksearch.com/)
[Whois] :: (http://network-tools.com/default.asp?prog=whois)
[Whois Request] :: (http://whoisrequest.com/)
[Whois History] :: (http://whoisrequest.org/history/)
[PublicWWW - Marketing and affiliate marketing research] :: (https://publicwww.com/)
[Internet Archive (Wayback Machine)] :: (https://archive.org/web/)

|---[ Crypto / Converters ]

[CyberChef - The Cyber Swiss Army Knife] :: (https://gchq.github.io/CyberChef/)
[BIN, HEX, DEC, BASE64 Translator] :: (https://paulschou.com/tools/xlate/)
[FeatherDuster] :: (https://github.com/nccgroup/featherduster)
[Base64 Encode] :: (https://www.base64encode.org/)
[Base64 Decode] :: (https://www.base64decode.org/)
[Cryptii - Converter between multiple format systems] :: (https://cryptii.com/text/select)
[dCode - The Ultimate Toolkit to Solve Games & Riddles] :: (https://www.dcode.fr/tools-list)
[Hash Extender - Perform hash length extension attacks] :: (https://github.com/iagox86/hash_extender)
[QuipQuip - Break substitution ciphers or vigenere ciphers (without key)] :: (https://quipqiup.com)
[RSACTFTool - Recover RSA private key with various attacks] :: (https://github.com/Ganapati/RsaCtfTool)
[RSATool - Generate private key with knowledge of p and q] :: (https://github.com/ius/rsatool)
[XORTool - Analyze multi-byte xor ciphers] :: (https://github.com/hellman/xortool)
[AES - Symmetric Ciphers Online] :: (http://aes.online-domain-tools.com/)
[ASCII Converter (Hex/Dec/Bin/Base64/ASCII)] :: (https://www.branah.com/ascii-converter)
[Hex Dec Bin Oct converter for programmers] :: (http://calc.50x.eu/)
[Rot13 Converter] :: (http://www.rot13.com/)
[Hex to ASCII Text Converter] :: (https://www.rapidtables.com/convert/number/hex-to-ascii.html)
[Number Base Converter] :: (https://www.rapidtables.com/convert/number/index.html)
[URL Encoding] :: (http://www.blooberry.com/indexdot/html/topics/urlencoding.htm)
[URL Encode/Decode] :: (http://www.url-encode-decode.com/)
[Online Encrypt Decrypt String] :: (https://codebeautify.org/encrypt-decrypt)
[Cipher Tools] :: (http://rumkin.com/tools/cipher/)
[Reverse String] :: (https://codebeautify.org/reverse-string)
[Morse Code Translator] :: (https://morsecode.scphillips.com/translator.html)
[Morse Code Table Cheat Sheet] :: (https://terablitz.com/radio/morse-code-table-cheat-sheet/)
[Maritime Signals Code] :: (https://www.dcode.fr/maritime-signals-code)

|---[ Forensics / Recovery ]

[Hashbot - A forensic web tool] :: (https://www.hashbot.com/)
[ZIP File Password Removal] :: (https://passwordrecovery.io/zip-file-password-removal/)
[Barcode Decoder Online] :: (https://zxing.org/w/decode.jspx)
[Repair Image Online Tool] :: (https://online.officerecovery.com/pixrecovery/)

|---[ Steganography ]

[AperiSolve - Aperi'Solve is a platform which performs layer analysis on image (open-source)] :: (https://aperisolve.fr/)
[Convert - Convert images b/w formats and apply filters] :: (http://www.imagemagick.org/script/convert.php)
[Image Steganography Online - Hhide images inside the lower "bits" of other images] :: (https://incoherency.co.uk/image-steganography)
[StegOnline - Conceal/reveal files hidden within bits (open-source)] :: (https://georgeom.net/StegOnline/upload)
[Steganography Online] :: (https://stylesuxx.github.io/steganography/)
[Steganographic Decoder] :: (https://futureboy.us/stegano/decinput.html)

|---[ Binary Exploitation / Coding ]

[Compiler Explorer Online] :: (https://godbolt.org/)
[Online GDB] :: (https://www.onlinegdb.com/)
[Try It Online (TIO) - Online Interpreter] :: (https://tio.run/)
[Compile and Execute Assembly Online] :: (https://www.tutorialspoint.com/compile_assembly_online.php)
[Online Terminals, Compilers & Interpreters] :: (http://www.tutorialspoint.com/codingground.htm)
[Execute Python Online (Python v2.7.13)] :: (https://www.tutorialspoint.com/execute_python_online.php)
[Python 3 Terminal Online] :: (https://www.tutorialspoint.com/python3_terminal_online.php)
[Execute Ruby Online (Ruby v2.4.1)] :: (https://www.tutorialspoint.com/execute_ruby_online.php)
[PowerShell Terminal Online] :: (https://www.tutorialspoint.com/powershell_terminal_online.php)
[Python Decompiler] :: (https://python-decompiler.com/)
[Esoteric Languages (ESO Lang) Wiki] :: (https://esolangs.org/wiki/language_list)
[Hello world!] :: (https://esolangs.org/wiki/Hello_world)
[Hello world in Esoteric languages] :: (https://esolangs.org/wiki/Hello_world_program_in_esoteric_languages)
[The Hello World Collection] :: (http://helloworldcollection.de/)
[Search code] :: (https://searchcode.com/)
[Grep App - Search git repos] :: (https://grep.app/)

|---[ Reversing ]

[32-bit Opcode Reference] :: (http://ref.x86asm.net/coder32.html)
[64-bit Opcode Reference] :: (http://ref.x86asm.net/coder64.html)
[Intel x86 Assembler Instruction Set Opcode Table] :: (http://sparksandflames.com/files/x86InstructionChart.html)
[ODA - The Online Disassembler] :: (https://www.onlinedisassembler.com/odaweb/)
[Online TrID] :: (http://mark0.net/onlinetrid.aspx)
[Executable Online Viewer] :: (https://exe.urih.com/)
[Visual Analysis of Binary Files] :: (https://binvis.io/#/)
[Online Strings Utility] :: (https://www.fileformat.info/tool/strings.htm)
[File Signatures] :: (http://www.garykessler.net/library/file_sigs.html)
[Wotsit.org - The Programmer's File & Data Resource] :: (http://devel.archefire.org/mirrors/www.wotsit.org/)
[FileFormat.Info - The Digital Rosetta Stone] :: (http://www.fileformat.info/)
[Zamzar - File formats descriptions and meanings] :: (http://www.zamzar.com/fileformats/)
[File Magic Numbers] :: (https://gist.github.com/leommoore/f9e57ba2aa4bf197ebc5)
[Magic Bytes - JavaScript Library] :: (https://github.com/LarsKoelpin/magic-bytes)
[HexEd.it - Browser based hex editor] :: (https://hexed.it/)

|---[ Malware Analysis ]

[VirusTotal - Virus, Malware and URL Scanner] :: (http://www.virustotal.com)
[PolySwarm - Scan files for threats] :: (https://polyswarm.io/)
[VirSCAN.org] :: (http://virscan.org/)
[Jotti's Malware Scan] :: (https://virusscan.jotti.org/en)
[Deepviz Malware Analyzer] :: (https://sandbox.deepviz.com/)
[Malware Analysis by Malwr.com] :: (https://malwr.com/)
[NoDistribute - Online Virus Scanner w/o Distribution] :: (http://nodistribute.com/)
[CyberTracker - MalwareHunterTeam] :: (http://cybertracker.malwarehunterteam.com/)
[Advanced File Analysis] :: (https://valkyrie.comodo.com/)
[Static Analysis Framework] :: (https://mastiff-online.korelogic.com/)
[ThreatExpert File Analysis] :: (http://www.threatexpert.com/submit.aspx)
[Microsoft Malware Protection Center] :: (https://www.microsoft.com/en-us/security/portal/submission/submit.aspx)
[Hybrid-Analysis - Malware/File Analysis] :: (https://www.hybrid-analysis.com/)
[Reverse.IT - Malware/File Analysis] :: (https://www.reverse.it)
[File Analyzer] :: (https://www.file-analyzer.net/)
[Document Analyzer] :: (http://www.document-analyzer.net/)
[Office Document Malware Analysis] :: (https://www.quicksand.io/)
[Scan Documents for Embedded Executables/Payloads] :: (https://www.cryptam.com/)
[Malware Tracker aka PDF-Examiner] :: (https://www.malwaretracker.com/pdf.php)
[APK Analyzer] :: (https://www.apk-analyzer.net/)
[Linux Sandbox] :: (https://detux.org/)

|---[ Additonal Tools ]

Type	ASCII Signature	HEX Signature
CAB	MSCF	4D 53 43 46
CLASS	Êþº¾	CA FE BA BE
DEB	!<arch>.	21 3C 61 72 63 68 3E
EXE	MZ	4D 5A
ELF	.ELF	7F 45 4C 46
NES	NES	4E 45 53 1A
RPM	í«îÛ	ED AB EE DB
BMP	BM	42 4D
GIF	GIF89a	47 49 46 38 39 61
ICO	....	00 00 01 00
JPG	ÿØÿà..JFIF..	FF D8 FF E0 00 10 4A 46 49 46 00 01
PNG	.PNG....	89 50 4E 47 0D 0A 1A 0A
WEBP	WEBP	57 45 42 50
FLAC	fLaC	66 4C 61 43
MIDI	MThd	4D 54 68 64
MP3	ÿû	FF FB
OGG	OggS	4F 67 67 53
WAV	WAVE	57 41 56 45
AVI	AVI.	41 56 49 20
MKV	.Eß£	1A 45 DF A3
MPG	....	00 00 01 BA
PDF	%PDF-	25 50 44 46 2d
RTF	{\rtf1	7B 5C 72 74 66 31
UTF	ï»¿	EF BB BF
XML	<?xml	3c 3f 78 6d 6c 20
ISO	CD001	43 44 30 30 31
7z	7z¼¯'	37 7A BC AF 27 1C
LZ4	."M.	04 22 4D 18
RAR	Rar!....	52 61 72 21 1A 07 01 00
TAR	ustar.00	75 73 74 61 72 00 30 30
TAR.GZ	..	1F 8B
TAR.XZ	²7zXZ..	FD 37 7A 58 5A 00 00
TAR.Z	..	1F A0
XAR	xar!	78 61 72 21
ZIP	PK..	50 4B 03 04
CAP	4Í²¡	34 CD B2 A1
PCAP	¡²ÃÔ	A1 B2 C3 D4
PCAP	ÔÃ²¡	D4 C3 B2 A1
PCAPNG	....	0A 0D 0D 0A

Letter	Morse	Digit	Morse	Punctuation Mark	Morse
A	• –	0	– – – – –	Full–stop (period)	• – • – • –
B	– • • •	1	• – – – –	Comma	– – • • – –
C	– • – •	2	• • – – –	Colon	– – – • • •
D	– • •	3	• • • – –	Question mark (query)	• • – – • •
E	•	4	• • • • –	Apostrophe	• – – – – •
F	• • – •	5	• • • • •	Hyphen	– • • • • –
G	– – •	6	– • • • •	Slash ("/")	– • • – •
H	• • • •	7	– – • • •	Brackets (parentheses)	– • – – • –
I	• •	8	– – – • •	Quotation marks	• – • • – •
J	• – – –	9	– – – – •	At sign	• – – • – •
K	– • –			Equals sign	– • • • –
L	• – • •
M	– –
N	– •
O	– – –
P	• – – •
Q	– – • –
R	• – •
S	• • •
T	–
U	• • –
V	• • • –
W	• – –
X	– • • –
Y	– • – –
Z	– – • •

Number	Letter
1	-
2	A B C
3	D E F
4	G H I
5	J K L
6	M N O
7	P Q R S
8	T U V
9	W X Y Z
0	-