Skip to content
/ RSA-2020-CTF Public
forked from jkuemerle/RSA-2020-CTF

Materials and references for RSA 2020 talk "Everyone Can Play!"

License

CC0-1.0 license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

bethleekor/RSA-2020-CTF

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
events/RSAC2020
events/RSAC2020
 
 
plugin
plugin
 
 
reporting
reporting
 
 
scripts
scripts
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Everyone Can Play! Building Great CTFs for Non-Security Folks

RSAC 2020 Learning Lab by @jkuemerle

Materials and references for RSA 2020 talk "Everyone Can Play!"

Workshop activites require local Docker and/or free Heroku account. Local execution of utility scripts requires Node.JS.

To perform command line configuration of Heroku install the Heroku CLI.

To prepare in advance, clone the this repository and the below repositories. If you will be working using local Docker you can build both the CTFd Docker Compose definition and the OWASP Juice Shop Docker image.

For the report building any basic reporting tool will work. The workshop will use a custom version of the Elasticsearch, Logstash, Kibana (ELK) Docker Image.

Repositories

CTFd

Customized, Heroku ready version of CTFd: https://github.com/jkuemerle/CTFd-RSAC2020

OWASP Juice Shop

Customized, Heroku ready version of OWASP Juice Shop: https://github.com/jkuemerle/juice-shop-rsa-2020

Reporting

Customized ELK: https://github.com/jkuemerle/elk-docker

Self Provision

Utility for self provisioning: https://github.com/jkuemerle/rsa-ctf-provision

Utility Scripts

Are located in the scripts folder.

Juice Shop Challenge Extractor

Extracts challenges from a running Juice Shop instance.

npm install -g juice-shop-ctf-cli
juice-shop-ctf

Unzip file to the events\RSAC2020 subdirectory.

JSON to YAML Converter

Converts exported Juice Shop CTFd data (Challenges/Flags/Hints) to YAML file.

From scripts folder

node yfromjs.js -c "..\events\RSAC2020\db\challenges.json" -f "..\events\RSAC2020\db\flags.json" -h "..\events\RSAC2020\db\hints.json" -o "..\events\RSAC2020\challenges.yml"

YAML to Challenge Converter

Converts YAML document to Challenges/Flags/Hints and updates any Pages

From scripts folder

node ctfdFromYaml.js -o "..\events\RSAC2020\db" -p "..\events\RSAC2020\pages" -i "..\events\RSAC2020\challenges.yml"

Create Event Zip File

Creates an event specific zip file for an instance.

From scripts folder

node createExport.js -i "..\events\RSAC2020" -o "..\events\RSAC2020\export.zip"

Copy the export.zip to the CTFd events subdirectory.

Create Event CTFd archive for self provision

From scripts folder

node buildCTFdArchive.js -o "..\..\rsa-ctf-provision\public\ctfd.tar.gz" -i "..\..\rsa-ctfd-work"

Create JuiceShop arhcive for self provision

From scripts folder

node buildCTFdArchive.js -o "..\..\rsa-ctf-provision\public\juiceshop.tar.gz" -i "..\..\rsa-juice-shop"

Build Script

Builds the CTFd instance.

Integrated Challenge

Custom integrated challenge plugin for CTFd https://github.com/salesforce/integrated_challenge

Extension and Customization

Starter code is in /plugin

Reporting

Kibana: http://localhost:5601/app/kibana

Google sheets, import CSVs, delete id & team_id column from Solves and Solutions

Notes

Create Heroku application for CTFd:

heroku apps:create <app name>

Change application stack to container

heroku stack:set container

About

Materials and references for RSA 2020 talk "Everyone Can Play!"

Resources

Readme

License

CC0-1.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 43.3%
  • Python 30.4%
  • HTML 26.3%