SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation

GitHub: SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation

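A CTF terminal toolkit that integrates six modules, including cryptography, steganography, OSINT, web testing and digital forensics, and simplifies challenge solving through a unified command interface and automatic flag detection.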

Stars: 1 | Forks: 0

# 🐉 DragonByte CTF Toolkit

# 👤 Created by Sanjairathinam

**The ultimate terminal toolkit for CTF players and cybersecurity learners**

[![Version](https://img.shields.io/badge/version-1.0.0-cyan?style=for-the-badge)](https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation)
[![Platform](https://img.shields.io/badge/platform-Kali%20Linux-557C94?style=for-the-badge&logo=linux)](https://www.kali.org/)
[![Python](https://img.shields.io/badge/python-3.8%2B-3776AB?style=for-the-badge&logo=python&logoColor=white)](https://python.org)
[![Bash](https://img.shields.io/badge/bash-5.0%2B-4EAA25?style=for-the-badge&logo=gnubash&logoColor=white)](https://www.gnu.org/software/bash/)
[![License](https://img.shields.io/badge/license-MIT-green?style=for-the-badge)](LICENSE)
[![Open Source](https://img.shields.io/badge/open--source-%E2%9D%A4-brightgreen?style=for-the-badge)](https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation)
[![Stars](https://img.shields.io/github/stars/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation?style=for-the-badge&color=yellow)](https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation/stargazers)
[![Author](https://img.shields.io/badge/author-Sanjai%20Rathinam-red?style=for-the-badge)](https://github.com/SANJAIRATHINAM-R)

[🚀 Quick Start](#-quick-start) • [📦 Modules](#-modules) • [📖 Usage](#-full-usage-reference) • [⚙️ Installation](#️-installation) • [👤 Author](#-author) • [🤝 Contributing](#-contributing)

## 👤 Author

### Sanjai Rathinam

**Founder of DragonByte | Cybersecurity Enthusiast | CTF Player**

[![GitHub](https://img.shields.io/badge/GitHub-SANJAIRATHINAM--R-181717?style=for-the-badge&logo=github)](https://github.com/SANJAIRATHINAM-R)
[![DragonByte](https://img.shields.io/badge/Project-DragonByte-cyan?style=for-the-badge&logo=dragonframe)](https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation)

**DragonByte** is a community-driven cybersecurity initiative and terminal toolkit that integrates modules for cryptography, steganography, OSINT, web exploitation, digital forensics and miscellaneous challenges, built to simplify learning and CTF solving for everyone.

## 🎯 What is DragonByte?

DragonByte CTF Toolkit is a **modular, open-source, terminal-based toolkit** built for [Capture The Flag](https://ctftime.org) (CTF) competitions and cybersecurity learners on Kali Linux.

Instead of juggling 10+ separate tools across different terminals, DragonByte wraps them all in **one clean, consistent command interface** with built-in automatic flag detection.

```
dragonbyte
```

Whether you are cracking hashes, extracting hidden data from images, enumerating subdomains, or analyzing packet captures, DragonByte has you covered.

## ✨ Key Features

| | Feature | Description |
|--|---------|-------------|
| 🧩 | **6 specialized modules** | Crypto (cryptography), Stego (steganography), OSINT (open-source intelligence), Web, Forensics, Misc (miscellaneous) |
| 🚩 | **Automatic flag detection** | Scans every output for `flag{...}`, `HTB{...}`, `picoCTF{...}` and more |
| 🔧 | **20+ tool integrations** | Hashcat, John, Binwalk, SQLmap, tshark, Gobuster, Volatility and more |
| 🐍 | **Hybrid architecture** | Bash CLI front end + Python back-end engine |
| 📦 | **One-command install** | `sudo bash install.sh` handles all dependencies |
| 🔌 | **Easy to extend** | Add new modules in minutes using a simple class interface |
| 🎨 | **Professional output** | Color-coded, well-formatted terminal output every time |
| 🛡️ | **Graceful degradation** | Missing tools are reported clearly, and everything else keeps working |

## 🚀 Quick Start

```
# 1. Clone the repo
git clone https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation.git

# 2. Enter the directory
cd DragonByte-CTF-Toolkit-generation

# 3. Run the installer (installs all tools and dependencies)
sudo bash install.sh

# 4. Ready to go!
dragonbyte --help
```

### ⚡ One-Line Install

```
git clone https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation.git && cd DragonByte-CTF-Toolkit-generation && sudo bash install.sh
```

### 🧪 Instant Test (No Files Needed)

```
dragonbyte misc decode "ZmxhZ3t3ZWxjb21lX3RvX2RyYWdvbmJ5dGV9"
```

Expected output:

```
──────────────────────────────────────────────────────────────
Module: Misc | Action: decode
──────────────────────────────────────────────────────────────
[>] Encoding Detection & Decoding
········································
Base64 flag{welcome_to_dragonbyte}
──────────────────────────────────────
[🚩] FLAG(S) DETECTED!
──────────────────────────────────────
flag{welcome_to_dragonbyte}
──────────────────────────────────────
```

## 📦 Modules

### 🔐 `crypto` — Hash Cracking and Identification

Automatically detects the hash algorithm and launches a dictionary attack.

```
# Identify a single hash
dragonbyte crypto identify 5f4dcc3b5aa765d61d8327deb882cf99

# Identify hashes from a file
dragonbyte crypto identify hashes.txt

# Crack hashes (John the Ripper + Hashcat + rockyou.txt)
dragonbyte crypto crack hashes.txt
```

**Supported hash formats:**

| Hash | Length | Example |
|------|--------|---------|
| MD5 | 32 characters | `5f4dcc3b5aa765d61d8327deb882cf99` |
| SHA-1 | 40 characters | `5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8` |
| SHA-256 | 64 characters | `...` |
| SHA-512 | 128 characters | `...` |
| bcrypt | Starts with `$2b$` | `$2b$12$...` |
| SHA-512 crypt | Starts with `$6$` | `$6$salt$...` |

**Tools:** `john` · `hashcat`

### 🖼️ `stego` — Steganography Analysis

Reveals data hidden in images and binary files.

```
# Full scan: metadata + embedded data + strings
dragonbyte stego scan challenge.png

# Extract hidden payloads and embedded archives
dragonbyte stego extract challenge.png

# Dump all printable strings
dragonbyte stego strings challenge.png
```

**What the scan does:**

```
[1] ExifTool  → metadata (GPS, comments, author, software)
[2] Binwalk   → embedded files, compressed archives, signatures
[3] Steghide  → hidden payload check (no-password attempt)
[4] strings   → printable character extraction
[5] Flag scan → auto-highlight any CTF flags found
```

**Tools:** `exiftool` · `binwalk` · `steghide` · `strings`

### 🌐 `osint` — Reconnaissance and Intelligence

Gathers open-source intelligence about domains and organizations.

```
# Full domain recon: DNS, WHOIS, email, ports
dragonbyte osint domain example.com

# Email address harvesting
dragonbyte osint email example.com

# Subdomain enumeration
dragonbyte osint subdomains example.com
```

**Domain action pipeline:**

```
[1] DNS Resolution → resolve IPs
[2] WHOIS          → registrar, owner, dates
[3] theHarvester   → emails, hosts, names
[4] Nmap           → open ports (fast scan)
```

**Subdomains pipeline:**

```
[1] Amass    → passive subdomain enumeration
[2] Gobuster → DNS brute-force with wordlist
```

**Tools:** `whois` · `nmap` · `theHarvester` · `amass` · `gobuster`

### 🕷️ `web` — Web Vulnerability Testing

Finds hidden directories, injection points and security misconfigurations.

```
# Full scan: directories + Nikto
dragonbyte web scan http://target.htb

# SQL injection test
dragonbyte web sqli "http://target.htb/login?id=1"

# HTTP header analysis + security audit
dragonbyte web headers http://target.htb
```

**Security headers audited:**

| Header | Check |
|--------|--------|
| `X-Frame-Options` | Clickjacking protection |
| `X-XSS-Protection` | XSS filter |
| `Strict-Transport-Security` | HSTS enforcement |
| `Content-Security-Policy` | CSP presence |
| `X-Content-Type-Options` | MIME sniffing |

**Tools:** `gobuster` · `nikto` · `sqlmap`

### 🔬 `forensic` — Digital Forensics

Analyzes packet captures, disk images, memory dumps and binary files.

```
# Auto-detect the file type and analyze
dragonbyte forensic analyze capture.pcap
dragonbyte forensic analyze disk.img
dragonbyte forensic analyze memory.vmem
dragonbyte forensic analyze unknown.bin

# Carve embedded files
dragonbyte forensic extract challenge.bin

# Extract strings
dragonbyte forensic strings challenge.bin
```

**Automatic routing by file extension:**

| Extension | Engine | What it does |
|-----------|--------|--------------|
| `.pcap` `.pcapng` `.cap` | tshark | Protocol statistics, HTTP objects, DNS queries, conversations |
| `.img` `.dd` `.bin` `.raw` | Foremost | Recovers files from disk images |
| `.vmem` `.mem` `.dmp` | Volatility 3 | Process list, memory analysis |
| *(other)* | file + strings | Magic-number detection + string extraction |

**Tools:** `tshark` · `foremost` · `binwalk` · `volatility3` · `file`

### 🎲 `misc` — Encoding Detection and Decoding

No more guessing encodings by hand. DragonByte tries every encoding in one pass.

```
# Auto-detect and decode any encoding
dragonbyte misc decode "aGVsbG8gY3Rm"
dragonbyte misc decode encoded.txt

# Decode QR codes and barcodes from images
dragonbyte misc qr qrcode.png

# Extract readable strings
dragonbyte misc strings file.bin
```

**Encodings tried automatically:**

| Encoding | Example input |
|----------|--------------|
| Base64 | `aGVsbG8=` |
| Base32 | `NBSWY3DPEB3W64TMMQ======` |
| Hex | `68656c6c6f` |
| ROT13 | `uryyb` |
| ROT47 | `96==@` |
| Binary | `01101000 01100101 01101100` |
| URL encoding | `%68%65%6c%6c%6f` |
| Morse code | `.... . .-.. .-.. ---` |
| Caesar brute force | Scores all 25 shifts |

**Tools:** `zbarimg` · `pyzbar` · `strings`

## 🚩 Flag Detection Engine

Every module run is **automatically scanned** for CTF flags. When a flag is found, a highlighted banner is printed:

```
──────────────────────────────────────────────────
[🚩] FLAG(S) DETECTED!
──────────────────────────────────────────────────
flag{hidden_in_plain_sight}
──────────────────────────────────────────────────
```

**All supported flag formats:**

```
flag{...}      picoCTF{...}   HTB{...}
CTF{...}       THM{...}       DUCTF{...}
rtcp{...}      darkCTF{...}   TBTL{...}
DawgCTF{...}   WORD{...}      ← any ALL-CAPS prefix
```

## ⚙️ Installation

### System Requirements

| Requirement | Minimum |
|------------|---------|
| OS | Kali Linux 2022+ (or a Debian-based system) |
| Python | 3.8+ |
| Privileges | sudo / root |
| Disk space | ~500 MB (tools + wordlists) |

### Step-by-Step Guide

```
# Clone
git clone https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation.git
cd DragonByte-CTF-Toolkit-generation

# Install
sudo bash install.sh

# Verify
dragonbyte --version
dragonbyte --help
```

### What the Installer Does

```
[1] Checks Python 3 and pip3
[2] Installs Python packages (requests, Pillow, pyzbar, colorama, volatility3)
[3] Installs system tools via apt:
    exiftool binwalk steghide tshark foremost nmap gobuster sqlmap nikto
    john hashcat amass theharvester whois zbar-tools
[4] Decompresses rockyou.txt if gzipped
[5] Creates /usr/local/bin/dragonbyte symlink
[6] Creates all Python package __init__.py files
```

### Manual Symlink (If Needed)

```
sudo ln -sf ~/DragonByte-CTF-Toolkit-generation/dragonbyte.sh /usr/local/bin/dragonbyte
```

### Run Without Installing

```
cd DragonByte-CTF-Toolkit-generation
bash dragonbyte.sh --help
bash dragonbyte.sh misc decode "aGVsbG8="
```

## 📁 Project Structure

```
DragonByte-CTF-Toolkit-generation/
│
├── 🐚 dragonbyte.sh              ← Bash CLI: parses args, calls Python
├── 🔧 install.sh                 ← Installs all tools & dependencies
├── 📄 README.md
│
├── backend/
│   ├── engine.py                 ← Validates input, routes to modules
│   ├── flag_detector.py          ← Regex scanner for CTF flag patterns
│   └── utils.py                  ← print_info/warn/error, run_command,
│                                   validate_file, tool_available, etc.
│
├── modules/
│   ├── crypto/
│   │   └── crypto_engine.py      ← Hash ID + John/Hashcat cracking
│   ├── stego/
│   │   └── stego_engine.py       ← ExifTool + Binwalk + Steghide
│   ├── osint/
│   │   └── osint_engine.py       ← WHOIS + theHarvester + Amass
│   ├── web/
│   │   └── web_engine.py         ← Gobuster + Nikto + SQLmap
│   ├── forensics/
│   │   └── forensic_engine.py    ← tshark + Foremost + Volatility
│   └── misc/
│       └── misc_engine.py        ← Multi-encoding decoder + QR
│
├── wordlists/                    ← Drop custom wordlists here
│   └── (rockyou.txt auto-detected)
│
└── docs/
    ├── installation.md
    ├── usage.md
    └── modules.md
```

## 📖 Full Usage Reference

```
USAGE:
  dragonbyte [target]

MODULES:
  crypto     identify     Detect hash algorithm by pattern
             crack        Dictionary attack via John + Hashcat

  stego      scan         Full scan: meta + binwalk + steghide
             extract      Extract hidden payloads
             strings      Dump printable strings

  osint      domain       DNS + WHOIS + harvest + nmap
             email        Harvest email addresses
             subdomains   Amass + Gobuster DNS enum

  web        scan         Gobuster dir scan + Nikto
             sqli         SQLmap injection test
             headers      HTTP headers + security audit

  forensic   analyze      Auto-detect & analyse
             extract      Carve files (Foremost + Binwalk)
             strings      Extract strings

  misc       decode       Auto-detect & decode encoding
             qr           Decode QR code / barcode
             strings      Extract printable strings

GLOBAL FLAGS:
  --help, -h       Show help
  --version, -v    Show version
```

## 💡 Real CTF Scenarios

```
# ── Challenge: suspicious PNG ──────────────────────────
dragonbyte stego scan challenge.png
# ExifTool → Binwalk → Steghide → strings → flag scan

# ── Challenge: crack this hash ─────────────────────────
echo "482c811da5d5b4bc6d497ffa98491e38" > hash.txt
dragonbyte crypto crack hash.txt
# Identified as MD5 → John + Hashcat → password123

# ── Challenge: strange encoded string ──────────────────
dragonbyte misc decode ".... - -... . . . ---. ....."
# Morse code detected → HTB{...}

# ── Challenge: web login page ──────────────────────────
dragonbyte web sqli "http://challenge.ctf.io/login?user=test"
# SQLmap → vulnerable parameter found → DB dumped

# ── Challenge: pcap analysis ───────────────────────────
dragonbyte forensic analyze traffic.pcapng
# tshark → HTTP objects → plaintext flag

# ── Challenge: CTF recon ───────────────────────────────
dragonbyte osint domain target.ctf.com
# DNS → WHOIS → subdomains → open ports
```

## 🔌 Adding a New Module

DragonByte is designed to be extended. Adding a new module takes just 4 steps:

**1. Create the engine file:**

```
# modules/pwn/pwn_engine.py
import os
import sys

# Make the repository root importable so backend.utils resolves
sys.path.insert(0, os.path.join(os.path.dirname(__file__), '..', '..'))
from backend.utils import print_info, print_subsection


class PwnEngine:
    def run(self, action: str, target: str) -> str:
        # Dispatch the CLI action to its handler
        if action == "checksec":
            return self._checksec(target)
        return ""

    def _checksec(self, target: str) -> str:
        print_subsection("checksec")
        # your logic here
        return "result"
```

**2. Add `__init__.py`:**

```
touch modules/pwn/__init__.py
```

**3. Register it in `backend/engine.py`:**

```
MODULE_ACTIONS = {
    # ... existing modules ...
    "pwn": ["checksec", "rop"],  # add this line
}

def load_module(module_name):
    # ... existing branches ...
    elif module_name == "pwn":
        from modules.pwn.pwn_engine import PwnEngine
        return PwnEngine()
```

**4. Use it:**

```
dragonbyte pwn checksec ./binary
```

## 🛠️ Troubleshooting

| Problem | Cause | Fix |
|---------|-------|-----|
| `dragonbyte: command not found` | Symlink missing | `sudo ln -sf ~/DragonByte-CTF-Toolkit-generation/dragonbyte.sh /usr/local/bin/dragonbyte` |
| `install.sh: No such file or directory` | Wrong directory | Run `cd DragonByte-CTF-Toolkit-generation` first |
| `python3 not found` | Python not installed | `sudo apt install python3` |
| `ModuleNotFoundError` | Python package missing | Run `sudo bash install.sh` again |
| Tool shows `[!] not found` | Tool not installed | `sudo apt install ` |
| `Permission denied` | Script not executable | `chmod +x dragonbyte.sh` |
| Hashcat `--force` error | Virtual machine / no GPU | Normal on virtual machines; results are still valid |

## 🗺️ Roadmap

- [ ] PWN module (checksec, ROPgadget, pwntools integration)
- [ ] Reverse engineering module (Ghidra CLI, strings, ltrace/strace)
- [ ] Cloud OSINT (S3 buckets, Azure blobs, GCP storage)
- [ ] Password mutation engine in the crypto module
- [ ] Save output to a file (`--output report.txt`)
- [ ] Docker container for portable use
- [ ] CTF platform integration (HTB API, TryHackMe API)
- [ ] Web UI dashboard (optional)

## 🤝 Contributing

All contributions are welcome: new modules, bug fixes, better wordlists, documentation.

```
# Fork on GitHub, then:
git clone https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation.git
cd DragonByte-CTF-Toolkit-generation
git checkout -b feature/your-feature-name

# Make your changes and test them, then:
git add .
git commit -m "feat: describe your change"
git push origin feature/your-feature-name

# Open a Pull Request
```

**Contribution ideas:**

- New encoding types in `misc`
- Additional OSINT sources
- Better hash identification patterns
- More CTF flag regex patterns
- Improved Volatility integration
- Progress bars for long-running tools

## 📄 License

```
MIT License

Copyright (c) 2026 Sanjairathinam

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE
OR OTHER DEALINGS IN THE SOFTWARE.
```

## ⚠️ Legal Disclaimer

### 🐉 Built by CTF Players, for CTF Players

*Created with ❤️ by **[Sanjairathinam](https://github.com/SANJAIRATHINAM-R)**, founder of DragonByte*

*If DragonByte helped you capture a flag, please give it a ⭐ on GitHub!*

**Happy hacking, within the limits of the law.** 🔐

[![GitHub stars](https://img.shields.io/github/stars/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation?style=social)](https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation)
[![GitHub forks](https://img.shields.io/github/forks/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation?style=social)](https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation/fork)
[![GitHub issues](https://img.shields.io/github/issues/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation?style=social)](https://github.com/SANJAIRATHINAM-R/DragonByte-CTF-Toolkit-generation/issues)
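
The `misc decode` pass and the flag detection engine described in the README work as a pair: every decoder is tried, and the flag scan picks out the decoding that matters. The sketch below is an added example, not DragonByte's own code; the regex, the function names `find_flags`, `decode_all` and `scan`, and the subset of encodings covered are assumptions.

```python
import base64
import codecs
import re
from urllib.parse import unquote

# Assumed pattern (not the project's regex): "flag", the mixed-case prefixes the
# README lists, or any ALL-CAPS word, followed by a brace-delimited body.
FLAG_RE = re.compile(
    r"\b(?:flag|picoCTF|rtcp|darkCTF|DawgCTF|[A-Z]{2,})\{[^{}\s]{1,200}\}")

def find_flags(text):
    """Return unique flags in order of first appearance."""
    return list(dict.fromkeys(FLAG_RE.findall(text)))

def rot47(s):
    """Rotate printable ASCII (33..126) by 47 positions; leave the rest alone."""
    return "".join(chr(33 + (ord(c) - 33 + 47) % 94) if 33 <= ord(c) <= 126 else c
                   for c in s)

# A subset of the encodings in the README table; strict decoders raise ValueError.
DECODERS = {
    "Base64": lambda s: base64.b64decode(s, validate=True).decode("utf-8"),
    "Base32": lambda s: base64.b32decode(s).decode("utf-8"),
    "Hex": lambda s: bytes.fromhex(s).decode("utf-8"),
    "URL": unquote,
    "ROT13": lambda s: codecs.decode(s, "rot_13"),
    "ROT47": rot47,
}

def decode_all(data):
    """Run every decoder; keep printable results that differ from the input."""
    results = {}
    for name, decode in DECODERS.items():
        try:
            out = decode(data.strip())
        except ValueError:  # covers binascii.Error and UnicodeDecodeError
            continue
        if out and out != data.strip() and out.isprintable():
            results[name] = out
    return results

def scan(data):
    """Return (encoding, flag) pairs for the raw input and every decoding."""
    hits = [("raw", flag) for flag in find_flags(data)]
    for name, text in decode_all(data).items():
        hits += [(name, flag) for flag in find_flags(text)]
    return hits

if __name__ == "__main__":
    # Input taken from the README's instant test.
    print(scan("ZmxhZ3t3ZWxjb21lX3RvX2RyYWdvbmJ5dGV9"))
```

ROT13 and ROT47 "succeed" on almost any input, so `decode_all` returns several candidates for the instant-test string; only the flag scan singles out the Base64 result.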
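
The security header table in the `web` module section lists what `dragonbyte web headers` audits; the same check is useful to defenders reviewing their own responses. The sketch below is an added example, not the project's code: it goes beyond presence checks by validating values, and `parse_headers`, `audit`, the 180-day `MIN_HSTS_AGE` threshold and the sample response are all assumptions.

```python
import re

MIN_HSTS_AGE = 15552000  # assumed threshold: 180 days, not a value from the README

def parse_headers(raw):
    """Parse a raw HTTP response head into a {lower-case name: value} dict."""
    headers = {}
    for line in raw.splitlines()[1:]:      # skip the status line
        if not line.strip():
            break                          # blank line ends the header block
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers

def audit(headers):
    """Return {header: finding} for the five headers in the README table."""
    csp = headers.get("content-security-policy", "")
    xfo = headers.get("x-frame-options", "").upper()
    hsts = re.search(r"max-age=(\d+)",
                     headers.get("strict-transport-security", ""), re.I)
    nosniff = headers.get("x-content-type-options", "").lower() == "nosniff"
    findings = {
        # frame-ancestors in CSP is the modern equivalent of X-Frame-Options.
        "X-Frame-Options": "ok" if xfo in ("DENY", "SAMEORIGIN")
                           or "frame-ancestors" in csp else "missing or weak",
        # Legacy header: current browsers no longer ship an XSS filter.
        "X-XSS-Protection": "present" if "x-xss-protection" in headers else "missing",
        "Content-Security-Policy": "ok" if csp else "missing",
        "X-Content-Type-Options": "ok" if nosniff else "missing or not nosniff",
    }
    if hsts is None:
        findings["Strict-Transport-Security"] = "missing"
    elif int(hsts.group(1)) < MIN_HSTS_AGE:
        findings["Strict-Transport-Security"] = "weak: short max-age"
    else:
        findings["Strict-Transport-Security"] = "ok"
    return findings

# Constructed sample response, not captured from a real server.
SAMPLE = ("HTTP/1.1 200 OK\r\n"
          "Server: nginx\r\n"
          "X-Frame-Options: sameorigin\r\n"
          "Strict-Transport-Security: max-age=300; includeSubDomains\r\n"
          "X-Content-Type-Options: nosniff\r\n"
          "\r\n<html></html>")

if __name__ == "__main__":
    for header, finding in audit(parse_headers(SAMPLE)).items():
        print(f"{header:28} {finding}")
```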