This is intended to be a checklist for tools to have ready: Genaral Skills and Forensics:
- Gimp
- Audacity
- Ghidra
- JDGUI
- Burp Community Edition
- Wireshark
- ILSpy
- SSTV decoder
- Zenmap (NMAP Gui)
- crunch (installed by default on Kali)
- tshark (gets installed w/ wireshark)
- pngcheck (for identifyingp problems in corrupted png files)
- binwalk
- volatility (for memory forensics)
- Radare (R2)
- ILSpy
- Java JDK
- Python
- pngcheck
- binwalk
- multimon-ng
- nmap
- metasploit
- netcat
- nikto
- dirbuster
- Hashcat (prefered option if you have a gpu)
- John the ripper (comes with the following tools ** zip2john (extracting password hashes from encrypted zip files) ** office2john ( a python file for extracting password hashes from protected MS office documents)
- git-dumper (for pulling git repository from a web site - as used in the Shrek Fans Only writeup https://spotless.tech/utctf-ctf-2020-shrek-fans-only.html)
- crib-drag.py (https://github.com/SpiderLabs/cribdrag) an interactive crib dragging tool for cryptanalysis on ciphertext generated with reused or predictable stream cipher keys (as used in the One True Problem writeup https://github.com/SemahBA/UTCTF-Writeups/tree/master/Cryptography/One%20True%20Problem
- pwntools (see https://cryptohack.org/challenges/general/ #5 for example of using pwntools)
- katana
SAMPLES: Binaries https://github.com/JonathanSalwan/binary-samples (binary samples from many architectures to check detection tools)
- ltrace (apt-get install ltrace)
- obj-dump
- strings
- gdb
- binwalk
- grep