bkimminich / Juice Shop Ctf

Licence: mit
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

OWASP Juice Shop CTF Extension

The Node package juice-shop-ctf-cli helps you to prepare Capture the Flag events with the OWASP Juice Shop challenges for different popular CTF frameworks. This interactive utility allows you to populate a CTF game server in a matter of minutes.

Supported CTF Frameworks

The following open source CTF frameworks are supported by juice-shop-ctf-cli:

  • CTFd
  • FBCTF
  • RootTheBox

Setup

npm install -g juice-shop-ctf-cli

Usage

Interactive Mode

Open a command line and run:

juice-shop-ctf

Then follow the instructions of the interactive command line tool.

Configuration File

Instead of answering questions in the CLI you can also provide your desired configuration in a file with the following format:

ctfFramework: CTFd | FBCTF | RootTheBox
juiceShopUrl: https://juice-shop.herokuapp.com
ctfKey: https://raw.githubusercontent.com/bkimminich/juice-shop/master/ctf.key # can also be the actual key instead of a URL
countryMapping: https://raw.githubusercontent.com/bkimminich/juice-shop/master/config/fbctf.yml # ignored for CTFd and RootTheBox
insertHints: none | free | paid
insertHintUrls: none | free | paid # optional for FBCTF

You can then run the generator with:

juice-shop-ctf --config myconfig.yml

Optionally you can also choose the name of the output file:

juice-shop-ctf --config myconfig.yml --output challenges.out
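
A pre-flight check for such a configuration file, as an added example that is not part of juice-shop-ctf-cli: it reads the flat key/value layout shown above and reports unresolved or invalid values before the generator is run. The function names and the set of keys treated as required are assumptions made for illustration.

```javascript
// Added example, not part of juice-shop-ctf-cli. Allowed values come from the format
// shown above; REQUIRED is an assumption about which keys a config needs.
const ALLOWED = {
  ctfFramework: ['CTFd', 'FBCTF', 'RootTheBox'],
  insertHints: ['none', 'free', 'paid'],
  insertHintUrls: ['none', 'free', 'paid']
}
const REQUIRED = ['ctfFramework', 'juiceShopUrl', 'ctfKey', 'insertHints']

// Minimal reader for the flat "key: value # comment" layout (not a full YAML parser).
function parseFlatConfig (text) {
  const config = {}
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.replace(/(^|\s)#.*$/, '').trim() // drop trailing comments
    if (line === '') continue
    const idx = line.indexOf(':') // first colon only, so URLs stay intact
    if (idx === -1) throw new Error(`Not a key/value line: ${raw}`)
    config[line.slice(0, idx).trim()] = line.slice(idx + 1).trim()
  }
  return config
}

// Returns a list of human-readable problems; an empty list means the file looks usable.
function lintConfig (config) {
  const problems = []
  for (const key of REQUIRED) {
    if (!config[key]) problems.push(`${key} is missing`)
  }
  for (const [key, allowed] of Object.entries(ALLOWED)) {
    if (config[key] !== undefined && !allowed.includes(config[key])) {
      problems.push(`${key} must be exactly one of: ${allowed.join(', ')}`)
    }
  }
  if (config.juiceShopUrl && !/^https?:\/\/\S+$/.test(config.juiceShopUrl)) {
    problems.push('juiceShopUrl must be an http(s) URL')
  }
  if (config.countryMapping && config.ctfFramework !== 'FBCTF') {
    problems.push('countryMapping is ignored unless ctfFramework is FBCTF')
  }
  return problems
}

// Constructed sample: the template line for ctfFramework was left unresolved.
const SAMPLE = `ctfFramework: CTFd | FBCTF | RootTheBox
juiceShopUrl: https://juice-shop.herokuapp.com
ctfKey: https://raw.githubusercontent.com/bkimminich/juice-shop/master/ctf.key # key or URL
insertHints: free`
console.log(lintConfig(parseFlatConfig(SAMPLE)))
```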

Docker Container

Share your current directory with the /data volume of your bkimminich/juice-shop-ctf Docker container and run the interactive mode with:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf

Alternatively you can provide a configuration file via:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml

Choosing the name of the output file is also possible:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml --output challenges.out

For detailed step-by-step instructions and examples please refer to the Hosting a CTF event chapter in our (free) companion guide ebook.

Screenshots

CTFd challenge overview

FBCTF world map

RTB challenge boxes

Troubleshooting

If you need help with the application setup please check the Troubleshooting section below or post your specific problem or question in the official Gitter Chat.

  • If using Docker Toolbox on Windows make sure that you also enable port forwarding for all required ports from Host 127.0.0.1:XXXX to 0.0.0.0:XXXX for TCP in the default VM's network adapter in VirtualBox. For CTFd you need to forward port 8000.

Contributing

Found a bug? Got an idea for enhancement? Improvement for cheating prevention?

Feel free to create an issue or post your ideas in the chat! Pull requests are also highly welcome - please refer to CONTRIBUTING.md for details.

Donations

The OWASP Foundation gratefully accepts donations via Stripe. Projects such as Juice Shop can then request reimbursement for expenses from the Foundation. If you'd like to express your support of the Juice Shop project, please make sure to tick the "Publicly list me as a supporter of OWASP Juice Shop" checkbox on the donation form. You can find out more about donations and how they are used here:

https://pwning.owasp-juice.shop/part3/donations.html

Contributors

The OWASP Juice Shop core project team are:

For a list of all contributors to the OWASP Juice Shop CTF Extension please visit our HALL_OF_FAME.md.

Licensing

This program is free software: you can redistribute it and/or modify it under the terms of the MIT license. OWASP Juice Shop CTF Extension and any contributions are Copyright © by Bjoern Kimminich 2016-2021.
