This is a collection of tools we commonly use in CTFs, along with installation instructions for them.
This is not a complete list and any instructions are only suggestions.
Feel free to adapt anything to your needs if you prefer a different way, and submit feedback.
Also use this as a starting point to learn about any of the tools that are new to you.
> [!note]
> macOS Users: Start with the [macOS](#macos) section.
[[_TOC_]]
## Required Tools
### Docker
In Docker we can run Containers, which are isolated Linux environments.
For example, many CTF challenges contain Dockerfiles that allow us to recreate the environment in which the challenge was created, so we can avoid any compatibility issues.
[Docker Desktop](https://www.docker.com/get-started/) is fine if your host is Windows or macOS.
On Linux, look up how to [install Docker for your distribution](https://docs.docker.com/engine/install/).
Alternative: [Podman](https://podman.io/).
### Decompilers
[Ghidra](https://github.com/NationalSecurityAgency/ghidra/releases) is a powerful disassembling tool made by the NSA (Yes, *that* NSA).
[Binary Ninja](https://binary.ninja/free/) is an easier-to-use alternative. It does some things better than Ghidra and a few more things worse.
### Python and virtual environments
We use Python often to write small scripts that automate tasks for exploits.
Install Python 3.10 or higher using your package manager, if possible with the `venv` extension.
```bash
sudo apt install python3 python3-pip python3-venv
```
There are many useful Python packages that help us with common tasks, but installing them can interfere with other Python projects you might do later. Virtual environments are a way to isolate Python projects from each other.
I like to have one virtual environment per CTF, but you can also have one global virtual environment.
```bash
cd ~/ctf # Example path
python3 -m venv .venv
source .venv/bin/activate
# Example packages
pip install pwntools
pip install requests
```
In any new terminal, run `source .venv/bin/activate` to activate the virtual environment from the directory in which you created your venv. This will be indicated by the `(.venv)` prefix in your terminal prompt.
You can also use `deactivate` to leave the virtual environment.
In modern versions of Python, using `pip install` without being in a virtual environment will result in an error.
IDEs like PyCharm and VSCode can also create and manage virtual environments for you.
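The following preflight script is an added example, not part of the original guide. It checks the requirements described above: a container runtime (Docker or Podman), Python 3.10 or higher, a working `venv` module, and an active virtual environment. The function names are hypothetical, and it assumes `python3` is the interpreter name on your system.

```bash
#!/bin/sh
# Added example: preflight check for the required tools (names are hypothetical).

# Succeeds if the given version string (e.g. "3.12.3") is 3.10 or higher.
py_version_ok() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    case "$major" in ''|*[!0-9]*) return 1 ;; esac
    case "$minor" in ''|*[!0-9]*) return 1 ;; esac
    [ "$major" -gt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -ge 10 ]; }
}

# Succeeds if VIRTUAL_ENV points at a real venv (venv writes pyvenv.cfg there).
in_venv() {
    [ -n "${VIRTUAL_ENV:-}" ] && [ -f "$VIRTUAL_ENV/pyvenv.cfg" ]
}

# Prints "docker", "podman" or "none", preferring Docker.
container_runtime() {
    if command -v docker >/dev/null 2>&1; then echo docker
    elif command -v podman >/dev/null 2>&1; then echo podman
    else echo none
    fi
}

preflight() {
    echo "container runtime: $(container_runtime)"
    if command -v python3 >/dev/null 2>&1; then
        ver=$(python3 -c 'import platform; print(platform.python_version())')
        if py_version_ok "$ver"; then echo "python3 $ver: ok"
        else echo "python3 $ver: too old, need 3.10+"
        fi
        # Debian/Ubuntu ship ensurepip in python3-venv, so import both.
        if python3 -c 'import venv, ensurepip' 2>/dev/null; then echo "venv module: ok"
        else echo "venv module: missing (install python3-venv)"
        fi
    else
        echo "python3: not found"
    fi
    if in_venv; then echo "active venv: $VIRTUAL_ENV"
    else echo "active venv: none (run: source .venv/bin/activate)"
    fi
    return 0
}

preflight
```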
## Other CLI Tools
> [!note]
> Everything in this section is already available in the [Docker image](#pwnenv-docker-image), but you can also install them in your Linux environment, if you prefer.
### Main Tools
There are probably way more useful tools, but here's a list to get started.
- Most common CLI applications are available via Homebrew.
- Homebrew also lets you manage your regular Desktop apps, so no more .dmg files.
### Install Tools
```bash
brew install --cask docker
brew install colima
```
Docker Desktop emulates x64 via `docker run --platform linux/amd64` with significantly higher performance, but it is missing capabilities like `ptrace` that are needed to debug binaries.\
Colima creates a full Virtual Machine with QEMU and has all capabilities we need.
### Create Colima VM
```bash
colima start -a x86_64 -c 2 -m 4 --vm-type qemu
colima ssh # SSH into the VM, User folder is mounted at /Users
colima stop # Stop the VM
colima delete # Reset the VM
# More than 1 VM possible with -p <name> flag
```
This creates a VM with 2 CPUs and 4 GB of RAM using QEMU, with Ubuntu and Docker preinstalled. While the VM is running, the Docker CLI on macOS controls Docker inside the VM, so don't have Docker Desktop running at the same time.
From here, you can choose to either use the Docker image or install the tools directly in your VM.
## Windows
WSL2 is the easiest way to start.
```bash
wsl --install
wsl --set-default-version 2
wsl --install -d Ubuntu-24.04
# Launch the Ubuntu app from the start menu to set a password