Difference between revisions of "Category:OWASP CTF Project"

From OWASP
Jump to: navigation, search
(score board)
Line 1: Line 1:
 
==== Main ====
 
==== Main ====
Welcome to the OWASP Capture The Flag (CTF) project!
+
<b>Welcome to the OWASP Capture The Flag (CTF) project!</b><br>
  
= Overview =
+
First of all... sorry, but of course, we can not make the CTF and all challenges opensource.
 +
Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
 +
..I know you understand!
  
 
Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch.
 
Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch.
 
As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!
 
As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!
  
== CTF rules ==
+
== The CTF ==
This is a proposal of rules. Those can be changed, depending on the event where the CTF is hold!
+
=== who can anticipate in the CTF ===
+
*  Single Players, every one can anticipate on a CTF event by him self
+
*  Groups, you can up with others and anticipate as group. Dividing the prices is the responsibility of the group members though
+
  
 +
The OWASP CTF project is a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges.
 
=== what do I nee to anticipate ===
 
=== what do I nee to anticipate ===
 
To anticipate on a CTF event, all you need is your laptop.
 
To anticipate on a CTF event, all you need is your laptop.
Line 19: Line 18:
 
=== joining the CTF ===
 
=== joining the CTF ===
 
To anticipate in a CTF event, you can register on the online application. It's advisable the attendees have to register by the CTF organizer.
 
To anticipate in a CTF event, you can register on the online application. It's advisable the attendees have to register by the CTF organizer.
 
=== pointing system ===
 
With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key in your account screen and points are added to your account. In case of same number of points, who ever scores first wins!
 
  
=== tool usage ===
 
  
 +
== Roadmap ==
  
== setup ==
+
* Rework framework
The CTF has to be hosted on a single server, depending on the number of attendees. The CTF is accessible via Wireless network.
+
* Developing challenges
 +
 
 +
==== the CTF at your event ====
 +
 
 +
First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be.
 +
There is no download where to get the CTF from.
 +
 
 +
..I know you understand!
 +
Nevertheless, I am sharing as much as I can.
 +
 
 +
 
 +
= past events =
 +
 
 +
* AppSec-EU Polen
 +
* AppSec-DC
 +
 
 +
 
 +
= future events =
 +
* AppSec- Research
 +
* AppSec-Ireland
 +
 
 +
==== playing the CTF ====
 +
Playing:
 +
Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, you register with your chosen game name and the game is started.
 +
You can join whenever you like when the game started until the declared end of the game.
 +
Rules:
 +
* You play with your own laptop
 +
* The game is open during the conference time.
 +
* Attacking the CTF outside of the challenges results in disqualification
 +
* Attacking CTF competitors results in disqualification
 +
Scoring:
 +
For each solved challenge you get one point.
 +
* Who has the most challenges solved wins.
 +
* By same score, first scored wins.
 +
* Groups and single player are treated the same
 +
 
 +
This is a proposal of rules. Those can be changed, depending on the event where the CTF is hold!
 +
=== who can anticipate in the CTF ===
 +
*  Single Players, every one can anticipate on a CTF event by him self
 +
*  Groups, you can up with others and anticipate as group. Dividing the prices is the responsibility of the group members though
 +
 
 +
 +
=== pointing system ===
 +
With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key in your account screen and points are added to your account. In case of same number of points, who ever scores first wins!
  
  
Line 38: Line 77:
 
== score board ==
 
== score board ==
 
For each category, there will be 4 challenges in different difficulty:
 
For each category, there will be 4 challenges in different difficulty:
* 200 points
+
* 200 pointsu
 
* 300 points
 
* 300 points
 
* 500 points
 
* 500 points
 
* 750 points
 
* 750 points
 
== Roadmap ==
 
 
* Rework framework
 
* Developing challenges
 
 
  
 
==== Project Identification ====
 
==== Project Identification ====

Revision as of 15:35, 18 June 2010

Main

Welcome to the OWASP Capture The Flag (CTF) project!

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. ..I know you understand!

Ahead of the OWASP AppSec-NY in 2009, the idea came up to supply an OWASP CTF event. This has been repeated successfully for the AppSec-EU 2009. Both developed by volunteering individuals, putting in a big amount of work, building the CTF from scratch. As the CTF event was warmly welcomed by those who participated, it was clear, the CTF has to become a event available for each OWASP event. To make this possible, the CTF project has been created!

The CTF

The OWASP CTF project is a web base hacking challenge application with challenges categorized in web, network and ‘others’. You require creativity, resourcefulness and networking skills to solve the various challenges.

what do I nee to anticipate

To anticipate on a CTF event, all you need is your laptop. Connection to the CTF should be able via wireless network. In some cases, it can be the conference venue disallow local wireless networks and the CTF will be accessible via LAN network.

joining the CTF

To anticipate in a CTF event, you can register on the online application. It's advisable the attendees have to register by the CTF organizer.


Roadmap

  • Rework framework
  • Developing challenges

the CTF at your event

First of all... sorry, but of course, we can not make the CTF and all challenges opensource. Hereby my apologies for not being as open as I want OWASP and OWASP projects to be. There is no download where to get the CTF from.

..I know you understand! Nevertheless, I am sharing as much as I can.


[edit]

  • AppSec-EU Polen
  • AppSec-DC


  • AppSec- Research
  • AppSec-Ireland

playing the CTF

Playing: Register at the CTF organizer with your MAC address and participant name. Once you have access to the application, you register with your chosen game name and the game is started. You can join whenever you like when the game started until the declared end of the game. Rules:

  • You play with your own laptop
  • The game is open during the conference time.
  • Attacking the CTF outside of the challenges results in disqualification
  • Attacking CTF competitors results in disqualification

Scoring: For each solved challenge you get one point.

  • Who has the most challenges solved wins.
  • By same score, first scored wins.
  • Groups and single player are treated the same

This is a proposal of rules. Those can be changed, depending on the event where the CTF is hold!

who can anticipate in the CTF

  • Single Players, every one can anticipate on a CTF event by him self
  • Groups, you can up with others and anticipate as group. Dividing the prices is the responsibility of the group members though


pointing system

With each challenge you can get a certain score, depending on the difficulty of the challenge. After solving a challenge, a key is gained. You will have to insert that key in your account screen and points are added to your account. In case of same number of points, who ever scores first wins!


categories

The challenges are categorized in Web, Networking and Forensic.

  • Web challenges
  • Networking challenges
  • Forensic challenges

score board

For each category, there will be 4 challenges in different difficulty:

  • 200 pointsu
  • 300 points
  • 500 points
  • 750 points

Project Identification


PROJECT INFO
What does this OWASP project offer you?
RELEASE(S) INFO
What does this OWASP project release offer you?
what is this project?
OWASP CTF Project

Purpose: Waiting for definition.

License: N/A

who is working on this project?
Project Leader: Steven van der Baan @

Project Maintainer:

Project Contributor(s):

how can you learn more?
Project Pamphlet: N/A

3x slide Project Presentation: N/A

Mailing list: Subscribe or read the archives

Project Roadmap: To view, click here

Main links: N/A

Project Health: Yellow button.JPG Not Reviewed (Provisional)
To be reviewed under Assessment Criteria v2.0

Key Contacts
  • Contact Steven van der Baan @ to contribute, review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
First Release - Unknown Date - (no download available)

Release Leader: N/A

Release details: Main links, release roadmap and assessment

Rating: Yellow button.JPG Not Reviewed
To be reviewed under Assessment Criteria v2.0



This category currently contains no pages or media.