The InCTF Framework
This framework forms the basis of the game infrastructure used to run the attack-defence round of InCTF organized annually by Amrita University and Amrita Centre for Cybersecurity Systems and Networks. It is based on the iCTF framework released by UC Santa Barbara Seclab. Unlike the iCTF framework, this framework runs all services in Docker containers instead of virtual machines. In addition, this framework also runs exploits uploaded by teams as Docker containers. This reduces the amount of resources required by the game infrastructure. Additionally, the use of additional tools such as Docker distribution and PORTUS simplifies setting up the game infrastructure and gameplay for participants.
The framework consists of several components. Some of them are new while some are modifications of the corresponding components of the iCTF framework. See component descriptions for more information.
See Setup and run a contest for a walkthrough on how to get started.
Writing a service
Writing an exploit
Some details of the InCTF framework is described in our paper Scalable and Lightweight CTF Infrastructures Using Application Containers published in 2016 USENIX Workshop on Advances in Security Education. The paper describes the high level design and rationale behind the design choices.