This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Category:OWASP CTF Project

From OWASP
Revision as of 21:00, 14 July 2010 by Martinknobloch (talk | contribs)

Jump to: navigation, search

Main

Welcome to the OWASP Capture The Flag (CTF) project!

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. ..I know you understand!

Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch. As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!

The CTF

The OWASP CTF project is a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges.

what do I nee to anticipate

To anticipate on a CTF event, all you need is your laptop. Connection to the CTF should be able via wireless network. In some cases, it can be the conference venue disallow local wireless networks and the CTF will be accessible via LAN network.

joining the CTF

To anticipate in a CTF event, you can register on the online application. It's advisable the attendees have to register by the CTF organizer.


Roadmap

  • Rework framework
  • Developing challenges

playing the CTF

Playing: Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, you register with your chosen game name and the game is started. You can join whenever you like when the game started until the declared end of the game. Rules:

  • You play with your own laptop
  • The game is open during the conference time.
  • Attacking the CTF outside of the challenges results in disqualification
  • Attacking CTF competitors results in disqualification

Scoring: For each solved challenge you get one point.

  • Who has the most challenges solved wins.
  • By same score, first scored wins.
  • Groups and single player are treated the same

This is a proposal of rules. Those can be changed, depending on the event where the CTF is hold!

who can anticipate in the CTF

  • Single Players, every one can anticipate on a CTF event by him self
  • Groups, you can up with others and anticipate as group. Dividing the prices is the responsibility of the group members though


pointing system

With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key in your account screen and points are added to your account. In case of same number of points, who ever scores first wins!


categories

The challenges are categorized in Web, Networking and Forensic.

  • Web challenges
  • Networking challenges
  • Forensic challenges

score board

For each category, there will be 4 challenges in different difficulty:

  • 200 pointsu
  • 300 points
  • 500 points
  • 750 points

the CTF at your event

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. There is no download where to get the CTF from.

..I know you understand! Nevertheless, I am sharing as much as I can.


  • AppSec-EU Polen
  • AppSec-DC


  • AppSec- Research
  • AppSec-Ireland

Downloads

As we can not make the current CTF and challenges available, we do release obsolete CTF's and challenges at its home on Google Code
All available downloads can be found at its Google Code download location

Project Identification


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What does this OWASP project release offer you?
what is this project?
OWASP CTF Project

Purpose: Waiting for definition.

License: N/A

who is working on this project?
Project Leader: Steven van der Baan @

Project Maintainer:

Project Contributor(s):

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: Subscribe or read the archives

Project Roadmap: To view, click here

Main links: N/A

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Steven van der Baan @ to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
First Release - Unknown Date - (no download available)

Release Leader: N/A

Release details: Main links, release roadmap and assessment

Rating: Yellow button.JPG Not Reviewed
To be reviewed under Assessment Criteria v2.0



This category currently contains no pages or media.