Skip to content
Attack-Defence CTF framework that uses application containers instead of virtual machines
Python C++ C Shell Go HTML Other
Branch: master
Clone or download
Pull request Compare This branch is 193 commits ahead, 5 commits behind ucsb-seclab:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
container-creator
dashboard Updated README to reflect changes made to dashboard Jul 14, 2016
database database: Updated README Jul 14, 2016
docs docs: Added some instructions for using Gitlab instead of Distributio… Aug 12, 2016
scorebot scorebot: Updated README Jul 14, 2016
services Cleaned up indentation of JSON config files of sillybox, tattletale a… Mar 22, 2016
.gitignore Added container creator output directory to gitignore Mar 3, 2016
LICENSE GPL Aug 18, 2014
README.md docs: Added how-to guide for writing exploits Jul 14, 2016

README.md

The InCTF Framework

This framework forms the basis of the game infrastructure used to run the attack-defence round of InCTF organized annually by Amrita University and Amrita Centre for Cybersecurity Systems and Networks. It is based on the iCTF framework released by UC Santa Barbara Seclab. Unlike the iCTF framework, this framework runs all services in Docker containers instead of virtual machines. In addition, this framework also runs exploits uploaded by teams as Docker containers. This reduces the amount of resources required by the game infrastructure. Additionally, the use of additional tools such as Docker distribution and PORTUS simplifies setting up the game infrastructure and gameplay for participants.

Components

The framework consists of several components. Some of them are new while some are modifications of the corresponding components of the iCTF framework. See component descriptions for more information.

Getting started

See Setup and run a contest for a walkthrough on how to get started.

Writing a service

See how to write a service.

Writing an exploit

See how to write an exploit.

Further Information

Some details of the InCTF framework is described in our paper Scalable and Lightweight CTF Infrastructures Using Application Containers published in 2016 USENIX Workshop on Advances in Security Education. The paper describes the high level design and rationale behind the design choices.

You can’t perform that action at this time.