|
| 1 | +--- |
| 2 | +title: Crypto CTF Tools |
| 3 | +--- |
| 4 | +# CRYPTO CTF PRACTICE (De-duplicated + Ranked) |
| 5 | + |
| 6 | +## ⭐ Tier 1 — You’ll use these constantly (CTF core) |
| 7 | + |
| 8 | +- **CyberChef** – drag-and-drop “Swiss army knife” for encodings, XOR, hashes, AES, and transforms |
| 9 | + [https://gchq.github.io/CyberChef/](https://gchq.github.io/CyberChef/) |
| 10 | + |
| 11 | +- **dCode** – best all-in-one classical cipher solver (Caesar, Vigenère, substitution, etc.) |
| 12 | + [https://www.dcode.fr/](https://www.dcode.fr/) |
| 13 | + |
| 14 | +- **Cryptii** – interactive encoder/decoder playground for quick conversions and cipher testing |
| 15 | + [https://cryptii.com/](https://cryptii.com/) |
| 16 | + |
| 17 | +- **quipqiup** – automatic substitution cipher breaker (insanely useful) |
| 18 | + [https://quipqiup.com/](https://quipqiup.com/) |
| 19 | + |
| 20 | +- **SageCell (SageMath online)** – quick modular arithmetic, RSA math, CRT, inverses |
| 21 | + [https://sagecell.sagemath.org/](https://sagecell.sagemath.org/) |
| 22 | + |
| 23 | +- **FactorDB** – checks if RSA moduli / big integers are already factorable/known |
| 24 | + [http://factordb.com/](http://factordb.com/) |
| 25 | + |
| 26 | + |
| 27 | +--- |
| 28 | + |
| 29 | +## 🔥 Tier 2 — Most relevant for Krypton-style questions |
| 30 | + |
| 31 | +- **OverTheWire Krypton** – classical crypto wargame (frequency analysis, Vigenère, etc.) |
| 32 | + [https://overthewire.org/wargames/krypton/](https://overthewire.org/wargames/krypton/) |
| 33 | + |
| 34 | +- **CryptoHack** – hands-on modern crypto challenges (RSA, AES, ECC, padding, MACs) |
| 35 | + [https://cryptohack.org/challenges/](https://cryptohack.org/challenges/) |
| 36 | + |
| 37 | +- **Cryptopals** – legendary structured crypto challenge set teaching real crypto attacks |
| 38 | + [https://cryptopals.com/](https://cryptopals.com/) |
| 39 | + |
| 40 | +- **Root-Me Cryptanalysis** – strong cryptanalysis challenge bank (classical + modern) |
| 41 | + [https://www.root-me.org/en/Challenges/Cryptanalysis/](https://www.root-me.org/en/Challenges/Cryptanalysis/) |
| 42 | + |
| 43 | +- **picoCTF Crypto** – beginner-friendly crypto problems for practice and speed |
| 44 | + [https://play.picoctf.org/practice?category=2&page=1](https://play.picoctf.org/practice?category=2&page=1) |
| 45 | + |
| 46 | +- **RingZer0 Crypto** – mixed crypto challenge set (classical + RSA-style) |
| 47 | + [https://ringzer0ctf.com/challenges](https://ringzer0ctf.com/challenges) |
| 48 | + |
| 49 | +- **TryToDecrypt** – puzzle-style crypto decoding challenges |
| 50 | + [https://www.trytodecrypt.com/decrypt.php?id=1](https://www.trytodecrypt.com/decrypt.php?id=1) |
| 51 | + |
| 52 | +- **HBH Decryption** – small set of decoding challenges |
| 53 | + [https://hbh.sh/challenges/decryption](https://hbh.sh/challenges/decryption) |
| 54 | + |
| 55 | +- **CryptoTool** – educational crypto suite (visual + interactive) |
| 56 | + [https://www.cryptool.org/en/](https://www.cryptool.org/en/) |
| 57 | + |
| 58 | + |
| 59 | +--- |
| 60 | + |
| 61 | +## 🧠 Tier 3 — RSA / public-key tools (very common in CTFs) |
| 62 | + |
| 63 | +- **RsaCtfTool** – automated RSA attack suite (Wiener, common modulus, low exponent, etc.) |
| 64 | + [https://github.com/RsaCtfTool/RsaCtfTool](https://github.com/RsaCtfTool/RsaCtfTool) |
| 65 | + |
| 66 | +- **rsatool** – generates/inspects RSA keys and extracts parameters (n, e, p, q) |
| 67 | + [https://github.com/ius/rsatool](https://github.com/ius/rsatool) |
| 68 | + |
| 69 | +- **id0-rsa** – RSA-focused challenge site teaching classic RSA vulnerabilities |
| 70 | + [https://id0-rsa.pub/](https://id0-rsa.pub/) |
| 71 | + |
| 72 | +- **Msieve** – advanced integer factorization tool (when RSA modulus is hard) |
| 73 | + [https://sourceforge.net/projects/msieve/](https://sourceforge.net/projects/msieve/) |
| 74 | + |
| 75 | +- **YAFU** – fast factorization tool for large composites (when FactorDB fails) |
| 76 | + [https://sourceforge.net/projects/yafu/](https://sourceforge.net/projects/yafu/) |
| 77 | + |
| 78 | +- **pemcrack** – attacks weak/guessable passphrases protecting PEM private keys |
| 79 | + [https://github.com/robertdavidgraham/pemcrack](https://github.com/robertdavidgraham/pemcrack) |
| 80 | + |
| 81 | + |
| 82 | +--- |
| 83 | + |
| 84 | +## 🧾 Tier 4 — Classical cipher analysis helpers (Krypton-tier) |
| 85 | + |
| 86 | +- **Guballa Vigenère Solver** – strong automatic Vigenère cracker |
| 87 | + [https://www.guballa.de/vigenere-solver](https://www.guballa.de/vigenere-solver) |
| 88 | + |
| 89 | +- **Guballa Substitution Solver** – interactive substitution solver with good heuristics |
| 90 | + [https://www.guballa.de/substitution-solver](https://www.guballa.de/substitution-solver) |
| 91 | + |
| 92 | +- **Boxentriq Analysis** – frequency analysis + classical cipher helper suite |
| 93 | + [https://www.boxentriq.com/analysis](https://www.boxentriq.com/analysis) |
| 94 | + |
| 95 | +- **Rumkin Atbash** – quick Atbash decoder (and other simple ciphers) |
| 96 | + [https://rumkin.com/tools/cipher/atbash/](https://rumkin.com/tools/cipher/atbash/) |
| 97 | + |
| 98 | +- **MyGeocachingProfile Vigenère** – Vigenère encoder/decoder + basic solver |
| 99 | + [https://www.mygeocachingprofile.com/codebreaker.vigenerecipher.aspx](https://www.mygeocachingprofile.com/codebreaker.vigenerecipher.aspx) |
| 100 | + |
| 101 | + |
| 102 | +--- |
| 103 | + |
| 104 | +## ⚔️ Tier 5 — XOR + stream cipher helpers (sometimes critical) |
| 105 | + |
| 106 | +- **xortool** – detects repeating-key XOR and helps recover key lengths/keys |
| 107 | + [https://github.com/hellman/xortool](https://github.com/hellman/xortool) |
| 108 | + |
| 109 | +- **xor.pw** – quick XOR helper for short ciphertexts |
| 110 | + [https://xor.pw/](https://xor.pw/) |
| 111 | + |
| 112 | +- **cribdrag** – crib dragging tool for OTP reuse / stream cipher reuse attacks |
| 113 | + [https://github.com/SpiderLabs/cribdrag](https://github.com/SpiderLabs/cribdrag) |
| 114 | + |
| 115 | + |
| 116 | +--- |
| 117 | + |
| 118 | +## 🔐 Tier 6 — Hash cracking / hash identification (sometimes “crypto”) |
| 119 | + |
| 120 | +- **Kali hash-identifier** – guesses the hash algorithm from format/length |
| 121 | + [https://www.kali.org/tools/hash-identifier/](https://www.kali.org/tools/hash-identifier/) |
| 122 | + |
| 123 | +- **CrackStation** – fast lookup for unsalted hashes |
| 124 | + [https://crackstation.net/](https://crackstation.net/) |
| 125 | + |
| 126 | +- **OnlineHashCrack** – web-based cracking service (hit-or-miss) |
| 127 | + [https://www.onlinehashcrack.com/](https://www.onlinehashcrack.com/) |
| 128 | + |
| 129 | +- **md5decrypt.net** – database-based cracking for common hashes |
| 130 | + [https://md5decrypt.net/en/](https://md5decrypt.net/en/) |
| 131 | + |
| 132 | +- **hashkill** – password cracking suite (less common now vs hashcat/john) |
| 133 | + [https://github.com/gat3way/hashkill](https://github.com/gat3way/hashkill) |
| 134 | + |
| 135 | + |
| 136 | +--- |
| 137 | + |
| 138 | +## 🧨 Tier 7 — Crypto implementation attacks (rare but huge when they appear) |
| 139 | + |
| 140 | +- **hash_extender** – performs hash length extension attacks (MD5/SHA1 constructions) |
| 141 | + [https://github.com/iagox86/hash_extender](https://github.com/iagox86/hash_extender) |
| 142 | + |
| 143 | +- **HashPump-partialhash** – another length extension tool variant |
| 144 | + [https://github.com/mheistermann/HashPump-partialhash](https://github.com/mheistermann/HashPump-partialhash) |
| 145 | + |
| 146 | +- **padding-oracle-attacker** – automates CBC padding oracle attacks |
| 147 | + [https://github.com/KishanBagaria/padding-oracle-attacker](https://github.com/KishanBagaria/padding-oracle-attacker) |
| 148 | + |
| 149 | +- **python-paddingoracle** – framework for implementing padding oracle attacks |
| 150 | + [https://github.com/mwielgoszewski/python-paddingoracle](https://github.com/mwielgoszewski/python-paddingoracle) |
| 151 | + |
| 152 | + |
| 153 | +--- |
| 154 | + |
| 155 | +## 🧪 Tier 8 — Niche but still valid crypto/CTF tools |
| 156 | + |
| 157 | +- **PKCrack** – attacks legacy ZipCrypto encryption for older ZIP files |
| 158 | + [https://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html](https://www.unix-ag.uni-kl.de/~conrad/krypto/pkcrack.html) |
| 159 | + |
| 160 | +- **reveng** – CRC reversing tool (rare but useful) |
| 161 | + [https://reveng.sourceforge.io/](https://reveng.sourceforge.io/) |
| 162 | + |
| 163 | +- **hashclash** – collision-generation research toolkit (very rare in CTFs) |
| 164 | + [https://marc-stevens.nl/research/hashclash/](https://marc-stevens.nl/research/hashclash/) |
| 165 | + |
| 166 | +- **Python random-module cracker** – attacks weak Python `random` usage in challenges |
| 167 | + [https://github.com/tna0y/Python-random-module-cracker](https://github.com/tna0y/Python-random-module-cracker) |
| 168 | + |
| 169 | + |
| 170 | +--- |
| 171 | + |
| 172 | +## 🎧 Tier 9 — Weird-signal / puzzle decoders (occasional) |
| 173 | + |
| 174 | +- **Morse translator** – quick Morse encoding/decoding |
| 175 | + [https://morsecode.world/international/translator.html](https://morsecode.world/international/translator.html) |
| 176 | + |
| 177 | +- **DialABC sound detect** – detects DTMF tones from audio files |
| 178 | + [http://dialabc.com/sound/detect/](http://dialabc.com/sound/detect/) |
| 179 | + |
| 180 | + |
| 181 | +--- |
| 182 | + |
| 183 | +## 📚 Tier 10 — Meta resource lists (good references) |
| 184 | + |
| 185 | +- **John Hammond CTF Katana (Crypto)** – curated crypto CTF resources and tools |
| 186 | + [https://github.com/JohnHammond/ctf-katana?tab=readme-ov-file#cryptography](https://github.com/JohnHammond/ctf-katana?tab=readme-ov-file#cryptography) |
| 187 | + |
| 188 | +- **gregalletti CTF_tools (Crypto)** – categorized list of crypto tooling links |
| 189 | + [https://github.com/gregalletti/CTF_tools?tab=readme-ov-file#cryptography-](https://github.com/gregalletti/CTF_tools?tab=readme-ov-file#cryptography-) |
| 190 | + |
| 191 | + |
| 192 | +--- |
0 commit comments