This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Category:OWASP CTF Project"

From OWASP
Jump to: navigation, search
Line 1: Line 1:
 
==== Main ====
 
==== Main ====
 
<b>Welcome to the OWASP Capture The Flag (CTF) project!</b><br>
 
<b>Welcome to the OWASP Capture The Flag (CTF) project!</b><br>
 +
 +
== What is the CTF ==
 +
 +
The OWASP CTF project is a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges.
 +
 +
== Open Source? ==
  
 
First of all... sorry, but of course, we can not make the CTF and all challenges opensource.
 
First of all... sorry, but of course, we can not make the CTF and all challenges opensource.
Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
+
Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. <br>
 
..I know you understand!
 
..I know you understand!
  
Line 9: Line 15:
 
As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!
 
As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!
  
== The CTF ==
 
  
The OWASP CTF project is a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges.
+
==== the CTF at your event ====
=== what do I nee to anticipate ===
+
 
To anticipate on a CTF event, all you need is your laptop.
+
Unfortunately, and I guess you understanFirst of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
Connection to the CTF should be able via wireless network.
+
There is no download where to get the CTF from.
In some cases, it can be the conference venue disallow local wireless networks and the CTF will be accessible via LAN network.
+
 
=== joining the CTF ===
+
..I know you understand!
To anticipate in a CTF event, you can register on the online application. It's advisable the attendees have to register by the CTF organizer.
+
Nevertheless, I am sharing as much as I can.  
 +
 
 +
 
 +
= past events =  
 +
 
 +
* AppSec-EU Polen
 +
* AppSec-DC
  
  
== Roadmap ==
+
= future events =  
 +
* AppSec- Research
 +
* AppSec-Ireland
  
* Rework framework
+
==== Playing the CTF ====
* Developing challenges
+
The rules to participate and playing the CTF might change depending to the event the CTF is organized at.
==== playing the CTF ====
+
What you find below is what we think, the CTF should be done.. ;-)
Playing:
+
 
 +
== Participating: ==
 
Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, you register with your chosen game name and the game is started.
 
Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, you register with your chosen game name and the game is started.
 
You can join whenever you like when the game started until the declared end of the game.
 
You can join whenever you like when the game started until the declared end of the game.
Rules:
+
== Rules: ==
 
* You play with your own laptop
 
* You play with your own laptop
 
* The game is open during the conference time.
 
* The game is open during the conference time.
 
* Attacking the CTF outside of the challenges results in disqualification
 
* Attacking the CTF outside of the challenges results in disqualification
 
* Attacking CTF competitors results in disqualification
 
* Attacking CTF competitors results in disqualification
Scoring:
+
== Scoring: ==
 
For each solved challenge you get one point.  
 
For each solved challenge you get one point.  
 
* Who has the most challenges solved wins.
 
* Who has the most challenges solved wins.
Line 54: Line 68:
 
* Networking challenges
 
* Networking challenges
 
* Forensic challenges
 
* Forensic challenges
 +
The current CTF contains the following categories:
 +
* Web
 +
* Networking
 +
* Others
  
 
== score board ==
 
== score board ==
Line 61: Line 79:
 
* 500 points
 
* 500 points
 
* 750 points
 
* 750 points
 
==== the CTF at your event ====
 
 
First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
 
There is no download where to get the CTF from.
 
 
..I know you understand!
 
Nevertheless, I am sharing as much as I can.
 
 
 
= past events =
 
 
* AppSec-EU Polen
 
* AppSec-DC
 
 
 
= future events =
 
* AppSec- Research
 
* AppSec-Ireland
 
  
 
==== Downloads ====
 
==== Downloads ====
Line 86: Line 85:
 
All available downloads can be found at [http://code.google.com/p/owaspctf/downloads/list its Google Code download location]
 
All available downloads can be found at [http://code.google.com/p/owaspctf/downloads/list its Google Code download location]
  
 +
==== Roadmap ====
 +
 +
* Development
 +
** Challenges
 +
 +
* Obsolete
 
==== Project Identification ====
 
==== Project Identification ====
  

Revision as of 21:30, 14 July 2010

Main

Welcome to the OWASP Capture The Flag (CTF) project!

What is the CTF

The OWASP CTF project is a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges.

Open Source?

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
..I know you understand!

Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch. As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!


the CTF at your event

Unfortunately, and I guess you understanFirst of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. There is no download where to get the CTF from.

..I know you understand! Nevertheless, I am sharing as much as I can.


  • AppSec-EU Polen
  • AppSec-DC


  • AppSec- Research
  • AppSec-Ireland

Playing the CTF

The rules to participate and playing the CTF might change depending to the event the CTF is organized at. What you find below is what we think, the CTF should be done.. ;-)

Participating:

Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, you register with your chosen game name and the game is started. You can join whenever you like when the game started until the declared end of the game.

Rules:

  • You play with your own laptop
  • The game is open during the conference time.
  • Attacking the CTF outside of the challenges results in disqualification
  • Attacking CTF competitors results in disqualification

Scoring:

For each solved challenge you get one point.

  • Who has the most challenges solved wins.
  • By same score, first scored wins.
  • Groups and single player are treated the same

This is a proposal of rules. Those can be changed, depending on the event where the CTF is hold!

who can anticipate in the CTF

  • Single Players, every one can anticipate on a CTF event by him self
  • Groups, you can up with others and anticipate as group. Dividing the prices is the responsibility of the group members though


pointing system

With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key in your account screen and points are added to your account. In case of same number of points, who ever scores first wins!


categories

The challenges are categorized in Web, Networking and Forensic.

  • Web challenges
  • Networking challenges
  • Forensic challenges

The current CTF contains the following categories:

  • Web
  • Networking
  • Others

score board

For each category, there will be 4 challenges in different difficulty:

  • 200 pointsu
  • 300 points
  • 500 points
  • 750 points

Downloads

As we can not make the current CTF and challenges available, we do release obsolete CTF's and challenges at its home on Google Code
All available downloads can be found at its Google Code download location

Roadmap

  • Development
    • Challenges
  • Obsolete

Project Identification


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What does this OWASP project release offer you?
what is this project?
OWASP CTF Project

Purpose: Waiting for definition.

License: N/A

who is working on this project?
Project Leader: Steven van der Baan @

Project Maintainer:

Project Contributor(s):

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: Subscribe or read the archives

Project Roadmap: To view, click here

Main links: N/A

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Steven van der Baan @ to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
First Release - Unknown Date - (no download available)

Release Leader: N/A

Release details: Main links, release roadmap and assessment

Rating: Yellow button.JPG Not Reviewed
To be reviewed under Assessment Criteria v2.0



This category currently contains no pages or media.