The NPM package
lets you create a archive files for conveniently import
OWASP Juice Shop challenges into different
Capture the Flag
frameworks. This allows you to populate a CTF game server in a matter of
Supported CTF Frameworks
The following open source CTF frameworks are supported by
npm install -g juice-shop-ctf-cli
Open a command line and run:
Then follow the instructions of the interactive command line tool.
Instead of answering questions in the CLI you can also provide your desired configuration in a file with the following format:
ctfFramework: CTFd | FBCTF juiceShopUrl: https://juice-shop.herokuapp.com ctfKey: https://raw.githubusercontent.com/bkimminich/juice-shop/master/ctf.key # can also be actual key instead URL countryMapping: https://raw.githubusercontent.com/bkimminich/juice-shop/master/config/fbctf.yml insertHints: none | free | paid insertHintUrls: none | free | paid
You can then run the generator with:
juice-shop-ctf --config myconfig.yml
Optionally you can also choose the name of the output file:
juice-shop-ctf --config myconfig.yml --output challenges.out
Share your current directory with the
/data volume of your
bkimminich/juice-shop-ctf Docker container and run the interactive
docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf
Alternatively you can provide a configuration file via:
docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml
Choosing the name of the output file is also possible:
docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml --output challenges.out
For detailed step-by-step instructions and examples please refer to the Hosting a CTF event chapter in our (free) companion guide ebook.
If you need help with the application setup please check the Troubleshooting section below or post your specific problem or question in the official Gitter Chat.
- If using Docker Toolbox on Windows make sure that you also enable port
forwarding for all required ports from Host
0.0.0.0:XXXXfor TCP in the
defaultVM's network adapter in VirtualBox. For CTFd you need to forward port
Found a bug? Got an idea for enhancement? Improvement for cheating prevention?
PayPal donations via above button go to the OWASP Foundations and are earmarked for "Juice Shop". This is the preferred and most convenient way to support the project.
Credit Card (through RegOnline)
- Björn Kimminich aka
- Jannik Hollenbach aka
- Timo Pagel aka
Based on GitHub commits
master as of Tue, 10 Apr 2018
- Josh Grossman aka
- Simon Basset aka
This program is free software: you can redistribute it and/or modify it under the terms of the MIT license. OWASP Juice Shop and any contributions are Copyright © by Bjoern Kimminich 2016-2018.