This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Hacking-the Pentest Tutor Game

From OWASP
Jump to: navigation, search
OWASP Project Header.jpg

OWASP Pentest Tutor Game Project

This is a pentest tutor/training game. It was started because of the lack of games related to information security. We are trying to improve the awareness of information security through this game. Make the learning fun. Help people get started with pentest more easily. Also, demonstrate the process for a bad guy to compromise others' PC's, mobile devices, workstations by exploiting the low-hanging fruits.

Nowadays, it's getting cheaper and easier to launch websites and other internet services. However, many site/service admin/owner don't understand or even be aware of the security risks. Those sites/hosts rarely get maintained/upgraded. That leaves tons of vulnerable sites/hosts open on the Internet.

Recently, there are several fun games & applications sprung out for learning programming. Why don't we make it fun to learn security as well?

Meanwhile, by modeling the environment, the simulation engine could serve as a lightweight lab. Pentester could practise on the platform. It also eliminates the risk of being involved in any legal issues.

Description

Hacking is an open-source pentest tutor/training game. It simulates the environments and the processes of hacking/pentest. The purpose of this game is to:

  • Educate people, developers, ops, and system admins about hacking/pentest;
  • Provide pentesters a simulation environment to prectise pentest;
  • Security experts & professors to develop, test, and evaluate pentest automation/semi-automation tools.

In this game, player can learn and explore the basis of pentest, including some essential concepts & tools:

  • Concepts: reconnaissance, scanning, exploitation, maintaining access, (social engineering - TO-DO)
  • Tools: host, ping, telnet, Nmap, OpenVAS, Metasploit, Meterpreter

Player will also be able to levarage one or more planners to automation robots which can aid the players in the game process.

Licensing

Apache 2.0

Project Resources

https://github.com/StaymanHou/Hacking-the-Pentest-Tutor-Game

Project Leader

Stayman Hou

Related Projects

Classifications

Project Type Files TOOL.jpg
Incubator Project
Apache 2.0

News and Events

Project offically started - Mar 11, 2015

TO-DO


Contributors

Stayman Hou

Roadmap

2nd Quarter: Beta release. Game should be playable in general.

3rd Quarter: Bug fix and enhancement. Game should be able to run smoothly in most occations.

4th Quarter: First release. Improve details, implement AI engine, automate/semi-automate the build & deliver process.

Getting Involved

Everyone is welcomed to contribute to this project. The primary repository is hosted on github - https://github.com/StaymanHou/Hacking-the-Pentest-Tutor-Game

You can contribute by testing the game on your devices, reporting bugs, developing the game, and making documentations. You may fork and make pull requests, open issues, and request new features. If you want to make pull requests, it's recommended to run the tests before you do it.

For any other issues, please contact Stayman Hou.


A set of executable binaries for a variety of platforms, including Windows, Mac, Linux, iOS & Andriod