Created
January 4, 2017 04:23
-
-
Save queencitycyber/d17f0093ee0130f3d4c4488b57d06986 to your computer and use it in GitHub Desktop.
Running guide for CTF's
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Good detailed info on running solid CTF: https://github.com/pwning/docs/blob/master/suggestions-for-running-a-ctf.markdown | |
| General Notes: | |
| - Announce on ctftime.org | |
| - Make flag easy! | |
| "Flag=somsomething" | |
| - Make flag very permissible (insensitive, accept multiple features, etc) | |
| - Deliver files via HTTP | |
| Existing Frameworks/Platforms: | |
| - CTFd (Python) - https://github.com/isislab/CTFd | |
| - Jeopardy style | |
| - Facebook CTF (PHP) - https://github.com/facebook/fbctf | |
| - Jeopardy and KotH | |
| - Mellivora (PHP) - https://github.com/Nakiami/mellivora | |
| - Arbitrary categories/challenges | |
| - NightShade (Python) - https://github.com/UnrealAkama/NightShade | |
| - Includes blackbox testing | |
| - RootTheBox (Python) - https://github.com/moloch--/RootTheBox | |
| - Wargame ability; very detailed with tons of features | |
| - Scorebot 3.0 - https://github.com/dichotomy/scorebot | |
| - Red VS Blue CTF scoring engine | |
| - Vagrant box to deploy Scorebot - https://github.com/gi0cann/scorebot-vagrant | |
| - pwntools (Python) - https://docs.pwntools.com/en/stable/index.html | |
| - Primarily focused on exploit developement | |
| Helpful Resources to get running: | |
| - Veewee - https://github.com/jedi4ever/veewee | |
| - Used for rapidly deploying and configuring Vagrant base boxes or standard virtual machines | |
| - Stripe CTF - https://github.com/bazaarvoice/stripe-ctf-2-vm | |
| - Primarily aimed at web developers to grasp web security concepts | |
| - Hack UCF, Challenges for Binary Exploitation Workshop - https://github.com/kablaa/CTF-Workshop | |
| - Bit more focused more on binary exploitation with C and Python | |
| - Still good repo with decent set of examples | |
| Tools/Resources for solving CTF | |
| - Zardus(primarily reversing/binary tools) - https://github.com/zardus/ctf-tools/ | |
| - EpicTreasure (Vargant VM with built in CTF tools) - https://github.com/ctfhacker/EpicTreasure | |
| - v0lt (Python) - https://github.com/P1kachu/v0lt | |
| Writeups for inspiration: | |
| - http://captf.com/ | |
| - https://github.com/ctfs/ | |
| - https://github.com/smokeleeteveryday/CTF_WRITEUPS | |
| - https://github.com/Gallopsled/pwntools-write-ups |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment