Skip to content
this is a demo set of attacks that can be used to get started with gauntlt
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
config
examples
labs
rake_tasks
vendor
.gitignore
.gitmodules
.ruby-version
.travis.yml
Gemfile
LICENSE
README.md
Rakefile
init.sh

README.md

Build Status

Gauntlt Demo

This is a demo set of attacks that can be used to demo gauntlt and learn how to implement it. Each directory in ./examples contains a specific type of attack that you might want to run. Inside each example you will find a README.md which will have a challenge and some hints on how to solve it. We recommend reading that first and then try to create an attack to solve the challenge.

Installation

$ git clone https://github.com/secure-pipeline/gauntlt-demo
$ cd ./gauntlt-demo
$ git submodule update --init --recursive
$ bundle

Start targets

This includes gruyere and railsgoat as a target to pratice against and in the future we will bundle other services. To start the default targets run the following.

$ bundle exec start_services

# For some reason railsgoat doesnt exit cleanly from a Ctl-C with service manager so you 
# will have to stop it manually
# ps -ef | grep rails
# kill -9 <PID>
# Please send a pull request if you know how to fix this

You can also run the following to start individual targets which include: railsgoat and gruyere

$ bundle exec start_services config/railsgoat.rb
$ bundle exec start_services config/gruyere.rb

After you stop the service, you may have to kill the process manually.

For railsgoat, you can also just do the following:

$ cd vendor/railsgoat
$ bundle install --binstubs
$ rake db:setup
$ rake server:start

Run a Gauntlt attack

Once you have a target ready, you can start customizing attacks and testing them against the target.

$ cd ./examples
$ bundle exec gauntlt hello_world/hello_world.attack

Work through the examples

You might find it helpful to head over to ./examples and work through the examples. After running hello_world it might be good to start with port_check

You can’t perform that action at this time.