Category	Tool	Description
binary	afl	State-of-the-art fuzzer.
binary	angr	Next-generation binary analysis engine from Shellphish.
binary	barf	Binary Analysis and Reverse-engineering Framework.
binary	bindead	A static analysis tool for binaries.
binary	checksec	Check binary hardening settings.
binary	codereason	Semantic Binary Code Analysis Framework.
binary	crosstool-ng	Cross-compilers and cross-architecture tools.
binary	cross2	A set of cross-compilation tools from a Japanese book on C.
binary	elfkickers	A set of utilities for working with ELF files.
binary	elfparser	Quickly determine the capabilities of an ELF binary through static analysis.
binary	evilize	Tool to create MD5 colliding binaries
binary	gdb	Up-to-date gdb with python2 bindings.
binary	panda	Platform for Architecture-Neutral Dynamic Analysis.
binary	pathgrind	Path-based, symbolically-assisted fuzzer.
binary	peda	Enhanced environment for gdb.
binary	preeny	A collection of helpful preloads (compiled for many architectures!).
binary	pwntools	Useful CTF utilities.
binary	python-pin	Python bindings for pin.
binary	qemu	Latest version of qemu!
binary	qira	Parallel, timeless debugger.
binary	radare2	Some crazy thing crowell likes.
binary	rp++	Another gadget finder.
binary	shellnoob	Shellcode writing helper.
binary	shellsploit	Shellcode development kit.
binary	snowman	Cross-architecture decompiler.
binary	taintgrind	A valgrind taint analysis tool.
binary	villoc	Visualization of heap operations.
binary	virtualsocket	A nice library to interact with binaries.
binary	xrop	Gadget finder.
forensics	binwalk	Firmware (and arbitrary file) analysis tool.
forensics	dislocker	Tool for reading Bitlocker encrypted partitions.
forensics	exetractor	Unpacker for packed Python executables. Supports PyInstaller and py2exe.
forensics	firmware-mod-kit	Tools for firmware packing/unpacking.
forensics	pdf-parser	Tool for digging in PDF files
forensics	scrdec	A decoder for encoded Windows Scripts.
forensics	testdisk	Testdisk and photorec for file recovery.
crypto	cribdrag	Interactive crib dragging tool (for crypto).
crypto	foresight	A tool for predicting the output of random number generators. To run, launch "foresee".
crypto	hashpump	A tool for performing hash length extension attaacks.
crypto	hashpump-partialhash	Hashpump, supporting partially-unknown hashes.
crypto	hash-identifier	Simple hash algorithm identifier.
crypto	littleblackbox	Database of private SSL/SSH keys for embedded devices.
crypto	msieve	Msieve is a C library implementing a suite of algorithms to factor large integers.
crypto	pemcrack	SSL PEM file cracker.
crypto	pkcrack	PkZip encryption cracker.
crypto	python-paddingoracle	Padding oracle attack automation.
crypto	reveng	CRC finder.
crypto	ssh_decoder	A tool for decoding ssh traffic. You will need ruby1.8 from https://launchpad.net/~brightbox/+archive/ubuntu/ruby-ng to run this. Run with ssh_decoder --help for help, as running it with no arguments causes it to crash.
crypto	sslsplit	SSL/TLS MITM.
crypto	xortool	XOR analysis tool.
crypto	yafu	Automated integer factorization.
web	burpsuite	Web proxy to do naughty web stuff.
web	commix	Command injection and exploitation tool.
web	dirs3arch	Web path scanner.
web	sqlmap	SQL injection automation engine.
web	subbrute	A DNS meta-query spider that enumerates DNS records, and subdomains.
stego	sound-visualizer	Audio file visualization.
stego	steganabara	Another image steganography solver.
stego	stegdetect	Steganography detection/breaking tool.
stego	stegsolve	Image steganography solver.
android	apktool	Dissect, dis-assemble, and re-pack Android APKs

There are also some installers for non-CTF stuff to break the monotony!

Category	Tool	Description
game	Dwarf Fortress	Something to help you relax after a CTF!

Usage
To use, do:
Where possible, the tools keep the installs very self-contained (i.e., in to tool/ directory), and most uninstalls are just calls to git clean ( NOTE , this is NOT careful; everything under the tool directory, including whatever you were working on, is blown away during an uninstall). To support python dependencies, however, make sure to create a virtualenv before installing and using tools (i.e., mkvirtualenv --system-site-packages ctf . The --system-site-packages is there for easier reuse of apt-gotten python packages where necessary).

Docker
By popular demand, a Dockerfile has been included. You can build a docker image with:
And run it with:
The built image will have ctf-tools cloned and ready to go, but you will still need to install the tools themselves (see above).

Vagrant
You can build a Vagrant VM with:
And connect to it via:

Adding Tools
To add a tool (say, named toolname ), do the following:

1. Create a toolname directory.
2. Create an install script.
3. (optional) if special uninstall steps are required, create an uninstall script.

Install Scripts
The install script will be run with $PWD being toolname . It should install the tool into this directory, in as contained a manner as possible. Ideally, full uninstallation should be possible with a git clean .
The install script should create a bin directory and put its executables there. These executables will be automatically linked into the main bin directory for the repo. They could be launched from any directory, so don't make assumptions about the location of $0 !