Tool Recommendations for Email CTF

I have received a few questions on tool recommendations for the CTF. I will list some suggestions below—with a focus on free, open-source, or low-cost tools where available.

The below list covers the challenges we have released so far. I will keep adding tools if needed as we post new challenges.

Text Editor

I strongly recommend using a capable text editor. My favorite is UltraEdit. Other good options are Sublime Text, Atom, or Visual Studio Code possibly with some MIME syntax highlighters.

Conversions

I recommend using CyberChef for date and format conversions.

MAPI

When working with MSGs and PSTs, you can use MFCMAPI or OutlookSpy with Outlook.

General Metadata Extraction

You will likely need a general-purpose tool that can extract embedded files, file metadata, etc. Good candidates are X-Ways, Autopsy, or perhaps ExifTool or MetaDiver when you don’t feel like pulling out the big guns.

PDF Deep Dive

When you encounter PDFs, you will likely need a deep dive tool to look into them in detail. You can use PDF CanOpener (with Acrobat), PDF Stream Dumper, pdf-parser.py, etc.

Compound File Binary Format

You may find OffVis and Structured Storage Viewer helpful when working with files in Compound File Binary Format.

API Calls

Postman is your friend here.

DKIM and ARC Verification

You can use dkimpy for DKIM and ARC verification. Note its limitations if/when you need to use it in real cases.
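
As an added example (not part of this thread and not dkimpy's own code), the script below does the one part of DKIM verification that needs no network access using only the Python standard library: it parses the DKIM-Signature tag list, applies RFC 6376 body canonicalization (simple and relaxed), honours the l= length limit, and compares the SHA-1/SHA-256 digest of the canonical body with the bh= tag. The message, the domain example.org, the selector selector1 and the b=PLACEHOLDER value are constructed for the example. Checking the b= signature itself requires the signer's public key from the selector._domainkey.domain TXT record, which is what dkimpy's dkim.verify() (or its dkimverify command) does.

```python
"""Body-hash (bh=) check for a DKIM-Signature header, standard library only.

Constructed example; not dkimpy code. It assumes wire-format CRLF line
endings, as a message saved from a mail client or server normally has.
"""
import base64
import hashlib
import re
from typing import Optional

CRLF = b"\r\n"


def parse_tags(sig_value: str) -> dict:
    """Split a DKIM tag=value list; whitespace inside values (header folding) is dropped."""
    tags = {}
    for item in sig_value.split(";"):
        if not item.strip():
            continue
        name, _, value = item.partition("=")
        tags[name.strip()] = re.sub(r"\s+", "", value)
    return tags


def canonicalize_body(body: bytes, method: str) -> bytes:
    """Apply RFC 6376 section 3.4 body canonicalization ('simple' or 'relaxed')."""
    if method == "relaxed":
        # relaxed: collapse runs of WSP to one space, strip trailing WSP on each line
        lines = body.split(CRLF)
        body = CRLF.join(re.sub(rb"[ \t]+", b" ", ln).rstrip(b" \t") for ln in lines)
    elif method != "simple":
        raise ValueError(f"unknown body canonicalization {method!r}")
    # both methods: remove every trailing empty line
    while body.endswith(CRLF):
        body = body[:-2]
    if not body:
        # empty body: relaxed hashes the empty string, simple hashes a single CRLF
        return b"" if method == "relaxed" else CRLF
    return body + CRLF


def get_header(head: bytes, name: str) -> Optional[str]:
    """Return the unfolded value of the first header called `name` (case-insensitive)."""
    unfolded = re.sub(rb"\r\n[ \t]+", b" ", head)
    for line in unfolded.split(CRLF):
        field, sep, value = line.partition(b":")
        if sep and field.strip().lower() == name.lower().encode():
            return value.decode("ascii", "replace")
    return None


def check_body_hash(raw: bytes) -> dict:
    """Recompute bh= from the message body and report whether it matches the header."""
    head, _, body = raw.partition(CRLF + CRLF)
    sig = get_header(head, "DKIM-Signature")
    if sig is None:
        raise ValueError("message carries no DKIM-Signature header")
    tags = parse_tags(sig)
    hash_name = tags.get("a", "rsa-sha256").split("-", 1)[1]  # 'sha1' or 'sha256'
    c_tag = tags.get("c", "simple/simple")                   # header/body methods
    body_method = c_tag.split("/", 1)[1] if "/" in c_tag else "simple"
    canon_body = canonicalize_body(body, body_method)
    if "l" in tags:  # the signer hashed only the first l bytes of the canonical body
        canon_body = canon_body[: int(tags["l"])]
    computed = base64.b64encode(hashlib.new(hash_name, canon_body).digest()).decode()
    return {
        "domain": tags.get("d"),
        "selector": tags.get("s"),
        "body_canonicalization": body_method,
        "claimed_bh": tags.get("bh"),
        "computed_bh": computed,
        "match": computed == tags.get("bh"),
    }


def build_sample(body: bytes, canon: str = "relaxed/relaxed") -> bytes:
    """Build a constructed test message whose bh= is correct for `body`.

    No private key is involved, so b= is an obvious placeholder.
    """
    body_method = canon.split("/", 1)[1]
    bh = base64.b64encode(hashlib.sha256(canonicalize_body(body, body_method)).digest()).decode()
    head = (
        b"From: sender@example.org\r\n"
        b"To: analyst@example.com\r\n"
        b"Subject: CTF sample\r\n"
        b"DKIM-Signature: v=1; a=rsa-sha256; c=" + canon.encode() + b"; d=example.org;\r\n"
        b"\ts=selector1; h=from:to:subject;\r\n"
        b"\tbh=" + bh.encode() + b";\r\n"
        b"\tb=PLACEHOLDER\r\n"
    )
    return head + CRLF + body


if __name__ == "__main__":
    msg = build_sample(b"Hello   team,\t\r\nthe flag is in the attachment.  \r\n\r\n\r\n")
    print(check_body_hash(msg))        # match: True
    tampered = msg.replace(b"attachment", b"attachmant")
    print(check_body_hash(tampered))   # match: False
```

A passing body-hash check tells you the body is the one the signer saw; a failing one tells you the body was altered in transit (mailing-list footers are the classic cause) without saying anything about who signed. Only the b= check, which needs the DNS key, authenticates the signer, and it often fails for old messages simply because the selector's key has since been rotated or removed, so keep the two results separate when you write up a finding.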

Hi @agungor:

Is it possible for you to create a short video or tutorial walkthrough on the tools (installation, basic usage, etc.) you recommended above for beginners like me? I'm having some trouble installing dkimpy…

Thank you!

That’s a good idea, @Ryan_Ng. Thanks for the suggestion! In the meantime, you may find this helpful for getting started with Python and dkimpy: