RootTheBox - A Game of Hackers (CTF Scoreboard & Game Manager)

Root the Box is a real-time scoring engine for computer wargames where hackers can practice and learn. The application can be easily configured and modified for any CTF game. Root the Box attempts to engage novice and experienced players alike by combining a fun game-like environment with realistic challenges that convey knowledge applicable to the real world, such as penetration testing, incident response, digital forensics and threat hunting. Just as in traditional CTF games, each team or player targets challenges of varying difficulty and sophistication, attempting to collect flags. Root the Box brings additional options to the game. It can be configured to allow the creation of "Botnets" by uploading a small bot program to target machines, which grant periodic rewards with (in-game) money for each bot in the botnet; the larger the botnet, the larger the reward. Money can be used to unlock new levels, buy hints to flags, download a target's source code, or even "SWAT" other players by bribing the (in-game) police. Players' "bank account passwords" can also be publicly displayed by the scoring engine, allowing players to crack each other's passwords and steal each other's money.



Related Projects

Moloch - Large scale, full packet capturing, indexing, and database system

  •    Javascript

Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive and simple web interface is provided for PCAP browsing, searching, and exporting.

v0lt - Security CTF Toolkit (Not maintained anymore)

  •    Python

v0lt is an attempt to regroup every tool I used/use/will use in security CTF, Python style. A lot of exercises were solved using bash scripts but Python may be more flexible, that's why. Nothing to do with Gallopsled. It's a toy toolkit, with small but specific utils only.

awesome-ctf - A curated list of CTF frameworks, libraries, resources and softwares

  •    Javascript

A curated list of Capture The Flag (CTF) frameworks, libraries, resources, softwares and tutorials. This list aims to help starters as well as seasoned CTF players to find everything related to CTFs at one place. Please take a quick look at the contribution guidelines first.

juice-shop - OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in Javascript which encompasses the entire OWASP Top Ten and other severe security flaws

  •    Javascript

OWASP Juice Shop is an intentionally insecure web application written entirely in JavaScript which encompasses the entire range of OWASP Top Ten and other severe security flaws. Each packaged distribution includes some binaries for SQLite bound to the OS and node.js version which npm install was executed on.

Network Security Scorebot

  •    Java

Scorebot is a scoring framework which monitors the integrity of various network services for the purpose of scoring a network security exercise.

VHostScan - A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages

  •    Python

A virtual host scanner that can be used with pivot tools, detect catch-all scenarios, aliases and dynamic default pages. First presented at SecTalks BNE in September 2017 (slidedeck). Dependencies will then be installed and VHostScan will be added to your path. If there is an issue regarding running python3 build_ext, you will need to reinstall numpy using pip uninstall numpy and pip install numpy==1.12.0. This should resolve the issue as there are sometimes issues with numpy being installed through

mellivora - Mellivora is a CTF engine written in PHP

  •    PHP

Mellivora is a CTF engine written in PHP. Want a quick overview? Check out a screenshot gallery on imgur. Want a quick start? Use Mellivora with Docker. Mellivora scales well on Amazon Elastic Beanstalk and has support for S3 file storage.

MEAnalyzer - Intel Engine Firmware Analysis Tool

  •    Python

ME Analyzer is a tool which parses Intel Engine & PMC firmware images from the (Converged Security) Management Engine, (Converged Security) Trusted Execution Engine, (Converged Security) Server Platform Services & Power Management Controller families. It can be used by end-users who are looking for all relevant firmware information such as Family, Version, Release, Type, Date, SKU, Platform etc. It is capable of detecting new/unknown firmware, checking firmware health, Updated/Outdated status and many more. ME Analyzer is also a powerful Engine firmware research analysis tool with multiple structures which allow, among others, full parsing and unpacking of Converged Security Engine (CSE) code & file system, Flash Partition Table (FPT), Boot Partition Descriptor Table (BPDT/IFWI), CSE Layout Table (LT), advanced Size detection etc. Moreover, with the help of its extensive database, ME Analyzer is capable of uniquely categorizing all supported Engine firmware as well as check for any firmware which have not been stored at the Intel Engine Firmware Repositories yet. ME Analyzer allows end-users and/or researchers to quickly analyze and/or report new firmware versions without the use of special Intel tools (FIT/FITC, FWUpdate) or Hex Editors. To do that effectively, a database had to be built. The Intel Engine Firmware Repositories is a collection of every (CS)ME, (CS)TXE & (CS)SPS firmware we have found. Its existence is very important for ME Analyzer as it allows us to continue doing research, find new types of firmware, compare same major version releases for similarities, check for updated firmware etc. Bundled with ME Analyzer is a file called MEA.dat which is required for the program to run. It includes entries for all Engine firmware that are available to us. 
This accommodates primarily three actions: a) Detect each firmware's Family via unique identifier keys, b) Check whether the imported firmware is up to date and c) Help find new Engine firmware sooner by reporting them at the Intel Management Engine: Drivers, Firmware & System Tools or Intel Trusted Execution Engine: Drivers, Firmware & System Tools threads respectively.

resources - A general collection of information, tools, and tips regarding CTFs and similar security competitions


This repository aims to be an archive of information, tools, and references regarding CTF competitions. CTFs, especially for beginners, can be very daunting and almost impossible to approach. With some general overviews of common CTF topics and more in-depth research and explanation in specific technologies both beginners and veterans can learn, contribute, and collaborate to expand their knowledge.

ctf-tools - Some setup scripts for security research tools.

  •    Shell

This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth. The install scripts for these tools are checked regularly; the results can be found on the build status page. There are also a couple of installers for useful libraries included. Currently only the Python bindings for these libraries are installed.

pac4j - The security engine to protect all your Java web applications

  •    Java

pac4j is a Java security engine to authenticate users, get their profiles and manage their authorizations in order to secure Java web applications. It supports most authentication mechanisms: OAuth (Facebook, Twitter, Google, Yahoo...), CAS, HTTP (form, basic auth...), OpenID, SAML, Google App Engine, OpenID Connect, JWT, LDAP, RDBMS, MongoDB and Stormpath and authorization checks.

Whoosh - Python Search Library

  •    Python

Whoosh is a fast, featureful full-text indexing and searching library implemented in pure Python. Programmers can use it to easily add search functionality to their applications and websites. It has support for fielded indexing, search, scoring, text analysis, storage, pluggable scoring algorithms, a powerful query language and a spell-checker.

IndexTank - Search Engine powers Reddit

  •    Java

The IndexTank search engine powers search on Reddit, the social bookmarking site. IndexTank was acquired by LinkedIn, which released the project as open source. It includes features like Variables boosts, Facets, Faceted search, Snippeting, Custom scoring functions, Suggest, and Autocomplete.

MG4J - Managing Gigabytes for Java

  •    Java

MG4J (Managing Gigabytes for Java) is a free full-text search engine for large document collections written in Java. MG4J is a highly customisable, high-performance, full-fledged search engine providing state-of-the-art features (such as BM25/BM25F scoring) and new research algorithms. The main points of MG4J are powerful indexing, multi-index interval semantics, virtual fields, clustering and a lot more.

write-ups-2017 - Wiki-like CTF write-ups repository, maintained by the community. 2017

  •    Python

This repository aims to solve those problems. It’s a collection of CTF source files and write-ups that anyone can contribute to. Did you just publish a CTF write-up? Let us know, and we’ll add a link to your post — or just add the link yourself and submit a pull request. Spot an issue with a solution? Correct it, and send a pull request.

pwntools - CTF framework and exploit development library

  •    Python

Pwntools is a CTF framework and exploit development library. Written in Python, it is designed for rapid prototyping and development, and intended to make exploit writing as simple as possible. You can now do a live demo of Pwntools, right in your browser.

Suricata IDS - Network threat detection engine

  •    C

The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats.

MBE - Course materials for Modern Binary Exploitation by RPISEC

  •    C

This repository contains the materials as developed and used by RPISEC to teach Modern Binary Exploitation at Rensselaer Polytechnic Institute in Spring 2015. This was a university course developed and run solely by students to teach skills in vulnerability research, reverse engineering, and binary exploitation. Vulnerability research & exploit development is something totally outside the bounds of what you see in a normal computer science curriculum, but central to a lot of what we RPISEC members find ourselves doing in our free time. We also find that subjects in offensive security tend to have a stigma around them in university that we would like to help shake off. These are practical, applied skills that we're excited to share with those interested in learning.