Category:OWASP CTF Project

Main
Welcome to the OWASP Capture The Flag (CTF) project!

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. ..I know you understand!

Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch. As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!

The CTF
The OWASP CTF project is a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges.

what do I nee to anticipate
To anticipate on a CTF event, all you need is your laptop. Connection to the CTF should be able via wireless network. In some cases, it can be the conference venue disallow local wireless networks and the CTF will be accessible via LAN network.

joining the CTF
To anticipate in a CTF event, you can register on the online application. It's advisable the attendees have to register by the CTF organizer.

Roadmap

 * Rework framework
 * Developing challenges

playing the CTF
Playing: Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, you register with your chosen game name and the game is started. You can join whenever you like when the game started until the declared end of the game. Rules: Scoring: For each solved challenge you get one point.
 * You play with your own laptop
 * The game is open during the conference time.
 * Attacking the CTF outside of the challenges results in disqualification
 * Attacking CTF competitors results in disqualification
 * Who has the most challenges solved wins.
 * By same score, first scored wins.
 * Groups and single player are treated the same

This is a proposal of rules. Those can be changed, depending on the event where the CTF is hold!

who can anticipate in the CTF

 * Single Players, every one can anticipate on a CTF event by him self
 * Groups, you can up with others and anticipate as group. Dividing the prices is the responsibility of the group members though

pointing system
With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key in your account screen and points are added to your account. In case of same number of points, who ever scores first wins!

categories
The challenges are categorized in Web, Networking and Forensic.
 * Web challenges
 * Networking challenges
 * Forensic challenges

score board
For each category, there will be 4 challenges in different difficulty:
 * 200 pointsu
 * 300 points
 * 500 points
 * 750 points

the CTF at your event
First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. There is no download where to get the CTF from.

..I know you understand! Nevertheless, I am sharing as much as I can.

= past events =


 * AppSec-EU Polen
 * AppSec-DC

= future events =
 * AppSec- Research
 * AppSec-Ireland

Downloads
As we can not make the current CTF and challenges available, we do release obsolete CTF's and challenges at its home on Google Code All available downloads can be found at its Google Code download location