npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

juice-shop-ctf-cli

v11.0.0

Published

Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop

Downloads

489

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

bkimminichbkimminich

Keywords

web securityweb application securitywebappsecowasppentestpentestingsecurityvulnerablevulnerabilitybrokencapture the flagctfctfdfbctfrtbcli

Readme

Juice Shop CTF Logo OWASP Juice Shop CTF Extension

OWASP Flagship
GitHub release
Twitter Follow
Subreddit subscribers

CI Pipeline Docker Cloud Build Status Coverage Status Code Climate Code Climate technical debt
GitHub stars

The Node package juice-shop-ctf-cli helps you to prepare Capture the Flag events with the OWASP Juice Shop challenges for different popular CTF frameworks. This interactive utility allows you to populate a CTF game server in a matter of minutes.

Screenshot of juice-shop-ctf-cli in Powershell

Supported CTF Frameworks

The following open source CTF frameworks are supported by juice-shop-ctf-cli:

Setup node npm npm npm bundle size

npm install -g juice-shop-ctf-cli

Usage

Interactive Mode

Open a command line and run:

juice-shop-ctf

Then follow the instructions of the interactive command line tool.

Configuration File

Instead of answering questions in the CLI you can also provide your desired configuration in a file with the following format:

ctfFramework: CTFd | FBCTF | RootTheBox
juiceShopUrl: https://juice-shop.herokuapp.com
ctfKey: https://raw.githubusercontent.com/bkimminich/juice-shop/master/ctf.key # can also be actual key or comma-separated list of keys (CTFd only) instead of URL
countryMapping: https://raw.githubusercontent.com/bkimminich/juice-shop/master/config/fbctf.yml # ignored for CTFd and RootTheBox
insertHints: none | free | paid # "paid" handled as "free" for CTFd
insertHintUrls: none | free | paid # optional for FBCTF; "paid" handled as "free" for CTFd
insertHintSnippets: none | free | paid # optional for FBCTF; "paid" handled as "free" for CTFd

You can then run the generator with:

juice-shop-ctf --config myconfig.yml

Optionally you can also choose the name of the output file:

juice-shop-ctf --config myconfig.yml --output challenges.out

You can ignore certificate warnings like this:

juice-shop-ctf --ignoreSslWarnings

Docker Container Docker Automated build Docker Pulls Docker Stars

Share your current directory with the /data volume of your bkimminich/juice-shop-ctf Docker container and run the interactive mode with:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf

Alternatively you can provide a configuration file via:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml

Choosing the name of the output file is also possible:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml --output challenges.out

On Windows cmd.exe you have to use %cd% instead of $(pwd) to mount your current working directory.

For detailed step-by-step instructions and examples please refer to the Hosting a CTF event chapter in our (free) companion guide ebook.

Screenshots

CTFd challenge overview

FBCTF world map

RTB challenge boxes

Troubleshooting Gitter

If you need help with the application setup please check the Troubleshooting section below or post your specific problem or question in the official Gitter Chat.

  • If using Docker Toolbox on Windows make sure that you also enable port forwarding for all required ports from Host 127.0.0.1:XXXX to 0.0.0.0:XXXX for TCP in the default VM's network adapter in VirtualBox. For CTFd you need to forward port 8000.

Contributing GitHub contributors

Found a bug? Got an idea for enhancement? Improvement for cheating prevention?

Feel free to create an issue or post your ideas in the chat! Pull requests are also highly welcome - please refer to CONTRIBUTING.md for details.

Donations

The OWASP Foundation gratefully accepts donations via Stripe. Projects such as Juice Shop can then request reimbursement for expenses from the Foundation. If you'd like to express your support of the Juice Shop project, please make sure to tick the "Publicly list me as a supporter of OWASP Juice Shop" checkbox on the donation form. You can find our more about donations and how they are used here:

https://pwning.owasp-juice.shop/part3/donations.html

Contributors

The OWASP Juice Shop core project team are:

For a list of all contributors to the OWASP Juice Shop CTF Extension please visit our HALL_OF_FAME.md.

Licensing license

This program is free software: you can redistribute it and/or modify it under the terms of the MIT license. OWASP Juice Shop CTF Extension and any contributions are Copyright © by Bjoern Kimminich & the OWASP Juice Shop contributors 2016-2024.

Juice Shop CTF Logo