Virtual Machines / Distributions
Reverse Engineering REMnux
Flare-VM
Android Androl4b
Generic pentesting Kali linux
Edmonton Police Service Technological Crimes Unit (TCU) VM
Lists (You may also want to have a look at the preinstalled tools of the VMs)
Awesome lists zardus/ctf-tools
psdehal/awesome-ctf
MrMugiwara/CTF-Tools
SandySekharan/CTF-tool
Misc werew/CTFtools
Online tools
Encoding/Decoding CyberChef
dCode
Image forensics Forensically
FotoForensics
File formats/Binary analysis Kaitai
FileFormat.Info
Deobfuscators/beautifiers JStillery
Reverse Engineering Compiler Explorer
Java Decompilers
Crypto cryptool.org
rumkin.com
CyberChef
dCode
Program analysis (reverse engineering, pwning, etc.)
Reverse engineering frameworks radare2 Unix-like opensource reversing framework
ghidra A software reverse engineering (SRE) suite of tools developed by NSA
Ida Probably the most used reversing software
angr Python binary analysis framework
Debuggers gdb The GNU Project Debugger
pwndbg Exploit Development and Reverse Engineering with GDB (peda 2.0)
x64dbg Open-source debugger for windows
Symbolic/Concolic execution and
SAT/SMT solvers
angr Python binary analysis framework
Klee Symbolic Execution Engine using LLVM bitcode
Manticore Symbolic execution tool for analysis of binaries and smart contracts
z3 Open source Microsoft's theorem prover
Triton DBA framework for concolic execution, taint analysis etc.
ROP Ropper Gadget and ropchains finder for different architectures
One Gadget Tool for finding one gadget RCE in libc.so.6
Dynamic instrumentation tools Pin Intel's dynamic binary instrumentation framework for IA-32, x86-64 and MIC
Valgrind Dynamic binary instrumentation using VEX (intended for heavyweight binary analysis)
Frida Inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX
Fuzzing AFL Fuzzing using genetic algorithms and compile-time instrumentation
Honggfuzz Multi-platform fuzzer
Editing/manipulating executables elf.h Simply the header file <elf.h>
LIEF Library to parse, modify and abstract executables
CTF utilities pwntools CTF framework and exploit development library
Java & Android APKtool A tool for reverse engineering Android apk files
ByteCodeViewer A Java 8 Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
Emulation qemu Generic and open source machine emulator and virtualizer
Unicorn Multi-platform, multi-architecture CPU emulator framework (with python bindings)
Hex editors 010 Editor Editor with several binary templates and analysis tools
Kaitai Inspect and analyze files (has also a web IDE)
Source code explorers Sourcetrail Source code explorer to get productive on unfamiliar source code
Forensics
Memory dumps Volatility Analyze volatile memory (RAM) samples
Binwalk Tool for analyzing, reverse engineering, and extracting firmware image/td>
GIMP Can be used to extract RAW pictures from memory dumps
The Sleuth Kit Analyze disk images and recover files from them
fsck Check and repair Linux file systems
Audio (and Waveforms-related) Forensic Audacity Inspect audio traces
Network Forensic Network Miner Regenerate/reassemble transmitted files and certificates from PCAP files
Wireshark The world’s foremost and widely-used network protocol analyzer
Scapy Scapy is a powerful interactive packet manipulation and inspection program
ZIP brute_zlib A simple script for brute-forcing zlib decompression (useful to extract data from corrupted archives)
Crypto
Libraries cryptography Python library with interfaces to common cryptographic algorithms
Misc python-paddingoracle A portable, padding oracle exploit API
HashPump A tool to exploit the hash length extension attack
RSAtool Calculates RSA (p, q, n, d, e) and RSA-CRT (dP, dQ, qInv) parameters given either two primes (p, q) or modulus and private exponent (n, d)
Networking
Hosts discovery Nmap Utility for network discovery and security auditing
Analyzing traffic and crafting packets Wireshark The world’s foremost and widely-used network protocol analyzer
Scapy Scapy is a powerful interactive packet manipulation and inspection program
Web
Web proxies OWASP ZAP Web proxy and security-testing framework
mitmproxy A free and open source interactive HTTPS proxy