{"id":29970,"date":"2023-09-04T10:35:04","date_gmt":"2023-09-04T10:35:04","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=29970"},"modified":"2023-09-04T10:35:05","modified_gmt":"2023-09-04T10:35:05","slug":"owasp-wrongsecrets","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/","title":{"rendered":"OWASP WrongSecrets: Multi-Tenant CTF Party Setup"},"content":{"rendered":"\n<p>Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems. Our platform is made for dynamic, multi-tenant CTF games.<\/p>\n\n\n\n<p>It was made possible by the pioneering work of the OWASP MultiJuicer. Whether you&#8217;re a contestant who wants to take on the tasks or an organizer who wants a simple setup, this guide will show you how to create an integrated, user-friendly environment while giving credit to the important people who made this possible.<\/p>\n\n\n\n<p><strong><em>Powered by MultiJuicer<\/em>\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/actions\/workflows\/codeql-analysis.yml\"><\/a>\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/actions\/workflows\/pre-commit.yml\"><\/a>\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/actions\/workflows\/test.yml\"><\/a>\u00a0<\/strong><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/actions\/workflows\/minikube-k8s-test.yml\"><\/a><\/p>\n\n\n\n<p>Want to play OWASP WrongSecrets in a large group in CTF mode, but not go over all the hassle of setting up local copies of OWASP WrongSecrets? Here is OWASP WrongSecrets CTF Party! This is a fork of OWASP MultiJuicer, which is adapted to become a dynamic multi-tenant setup for doing a CTF together!<\/p>\n\n\n\n<p><strong>Note that we:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Have a\u00a0<a href=\"https:\/\/docs.linuxserver.io\/images\/docker-webtop\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Webtop<\/a>\u00a0integrated for each player.<\/li>\n\n\n\n<li>Have a WrongSecrets instance integrated for each player.<\/li>\n\n\n\n<li>A working admin interface which can restart both or delete both (by deleting the full namespace).<\/li>\n\n\n\n<li>Do not support any progress watchdog as you will have access to it, we therefore disabled it.<\/li>\n\n\n\n<li>It can cleanup old &amp; unused namespaces automatically.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#special-thanks\"><\/a><strong>Special thanks<\/strong><\/h2>\n\n\n\n<p>Special thanks to\u00a0<a href=\"https:\/\/github.com\/commjoen\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">@commjoen<\/a>,\u00a0<a href=\"https:\/\/github.com\/madhuakula\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">@madhuakula<\/a>,\u00a0<a href=\"https:\/\/github.com\/bendehaan\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">@bendehaan<\/a>, and\u00a0<a href=\"https:\/\/github.com\/mikewoudenberg\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">@mikewoudenberg<\/a>, and\u00a0<a href=\"https:\/\/github.com\/osamamagdy\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">@osamamagdy<\/a>\u00a0for making this port a reality!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#sponsorships\"><\/a><strong>Sponsorships<\/strong><\/h2>\n\n\n\n<p>We would like to thank the following parties for helping us out:<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiZCzSHgLsV36ac8NhIulavvvGWZLmE2CI3ojaS99-jKa0v0HLfW_K7_x-LyZUiCxHaLSUBQpbyITUtUWHTLhoREHarrurPk_2-IqEyfVfJseTJi2rhakw-RzZbpqcsV1kbc0sqCnwtuEkDpvhzmftUHpgEkPiV2hil_yGVlbPgQQnaTx4prmHyNzYQNQ\/s16000\/gitguardian_logo.jpeg\" alt=\"\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/blog.gitguardian.com\/gitguardian-is-proud-sponsor-of-owasp\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">GitGuardian<\/a>\u00a0for their sponsorship which allows us to pay the bills for our cloud-accounts.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTg7y3u2Dytz_auCFGiegzE88QxTJs96rpdzHl4FFvZhoruMDXjc0DQtM_MngJClEwg3fTixdnhZIfHv79d6pftGapSBDLUPKvJyow6IqzZmVP2DT1HscvVoAkNQW6fCffzbCjkBCAddA2IGp_8TWTMIM0qVbu60XZfTCKU0kP3ZEWs5J0cmxO31G5sw\/s16000\/jetbrains_logo.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/www.jetbrains.com\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Jetbrains<\/a>\u00a0for licensing an instance of Intellij IDEA Ultimate edition to the project leads. We could not have been this fast with the development without it!<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje1DqOlqJHC0gYAqvzm-ryZqaQzofey76XQ_3kQRqOE1BU1LuSM9hWd1-KmqcbTkAI3LFUUpLEAxv2ZIKcGF1tH8Fn19XGmiXDO2OW_DALnRfi2UUmz3MOz4S7WT00zPHyQrdkVJ_hHgg7DruqvcMIj-v5FSwgTIwNXtPTAhsWlhkyWyNmVIzXLeFXvg\/s1600\/docker_logo.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/www.docker.com\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">Docker<\/a>\u00a0for granting us their Docker Open Source Sponsored program.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img decoding=\"async\" src=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEim_efMsA4j3iTu-obqKNH7RtXoVzwonxuoZ4nIkMH86r5X6Wu9t1cwm86t1P09J_c2JV8xF95rNCAZuipfxV968YRwth-VRxf0yMB9j-zchXXoLpfPVDYJ8e7xVJX_auzH-sjUMxcwNmVm0wKR72sWtH19_fhQC5HGwOUoXoEUhrWq_184ueO3fzkvAg\/s1600\/1password_logo.png\" alt=\"\"\/><\/figure>\n\n\n\n<p><a href=\"https:\/\/github.com\/1Password\/1password-teams-open-source\/pull\/552\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">1Password<\/a>\u00a0for granting us an open source license to 1Password for the secret detection testbed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#what-you-need-to-know\"><\/a><strong>What you need to know<\/strong><\/h3>\n\n\n\n<p>This environment uses a webtop and an instance of wrongsecrets per user. This means that you need per user:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>1.5 CPU (min = 0.5 , limit = 2.5)<\/li>\n\n\n\n<li>2 GB RAM (min 1 GB, limit = 3.5GB)<\/li>\n\n\n\n<li>4GB HD (min 3 GB, limit = 8GB)<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#running-this-on-minikube\"><\/a><strong>Running this on minikube<\/strong><\/h3>\n\n\n\n<p>A 4-10 contestant game can be played on a local minikube with updated cpu &amp; memory settings (e.g. 6 virtual CPUs, 9 GB ram).<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#running-this-on-aws-eks-with-larger-groups\"><\/a><strong>Running this on AWS EKS with larger groups<\/strong><\/h3>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#small-game\"><\/a><strong>Small Game<\/strong><\/h4>\n\n\n\n<p>We recently played a small CTF with 40 relatively active players using version 1.5.10 of wrongSecrets and the T6 version of the virtualdesktop-k8s. This could have easily ran on 5 T3A-X2large nodes for a day.<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#large-numbers\"><\/a><strong>Large Numbers<\/strong><\/h4>\n\n\n\n<p>A 100 contestant game can be played on the AWS setup, which will require around 150 (100-250) CPUs, 200 (150-350) GB Ram, and 400 GB of storage available in the cluster. Note that we have configured everything based on autoscaling in AWS. This means that you can often start with a cluster about 20% of the size of the &#8220;limit&#8221; numbers and then see how things evolve. You will hardly hit those limits, unless all players are very actively fuzzing the WrongSecrets app, while runnign heavy appss on their Webtops. Instead, you will see that you are using just 25% of what is provided in numbers here. So, by using our terraform (including an autoscaling managed nodegroup), you can reduce the cost of your CTF by a lot!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#status---experimental-release\"><\/a><strong>Status &#8211; Experimental release<\/strong><\/h2>\n\n\n\n<p>This is an experimental release. It showed to work at 2 CTFs already, we just did not complete the documentation and the cleaning up of the Helm chart yet. However: it is working in its basis, and can support a good crowd. Currently, we only support using Minikube and AWS EKS (<em><strong>Please follow the readme in the AWS folder if you want to use EKS, as the guides section is not updated yet<\/strong><\/em>).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#how-to-use-it\"><\/a><strong>How to use it<\/strong><\/h2>\n\n\n\n<p>The different setups are explained in\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets\/blob\/master\/ctf-instructions.md\">OWASP Wron<\/a><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets\/blob\/master\/ctf-instructions.md\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">gSecrets CTF-instructions<\/a>. With the 3-domain approach you generate flags for CTFD automatically, while with the 2-domain setup you need to set it up manually.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#approach-1-3-domain-setup\"><\/a><strong>Approach 1: 3-domain setup<\/strong><\/h3>\n\n\n\n<p><strong>You need 3 things:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>This infrastructure<\/li>\n\n\n\n<li>The actual place where correct answers are exchanged for CTFD-flags. This can be your fly.dev\/heroku\/etc. or local container of WrongSecrets running in CTF mode with the additional key setup for challenge 8.<\/li>\n\n\n\n<li>A CTFD\/Facebook-CTF host which is populated with the challenges based on your secondary hosted WrongSecrets application.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#approach-2-2-domain-setup\"><\/a><strong>Approach 2: 2-domain setup<\/strong><\/h3>\n\n\n\n<p><strong>You need 2 things:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>This infrastructure<\/li>\n\n\n\n<li>A CTFD\/Facebook-CTF host which is populated with the challenges based on your secondary hosted WrongSecrets application (this can be the helm chart included in the EKS installation script)<\/li>\n<\/ul>\n\n\n\n<p><strong>To use the 2 domain setup with CTFD:<\/strong><\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Set up the CTFD and WrongSecrets instances using your preferred method and docs e.g. AWS and the docs\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/blob\/main\/aws\/README.md\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">here<\/a>.<\/li>\n\n\n\n<li>Set up a team with spoilers available (On AWS this can be done by changing the deployment of a team you have created and setting ctf-mode=false).<\/li>\n\n\n\n<li>Use these spoilers to manually copy the answers from WrongSecrets to CTFD.]<\/li>\n\n\n\n<li>Delete the team used to get these spoilers (On AWS you can delete the entire namespace of the team).<\/li>\n<\/ol>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#general-helm-usage\"><\/a><strong>General Helm usage<\/strong><\/h3>\n\n\n\n<p>This setup works best if you have Calico installed as your CNI, if you want to use the helm directly, without the AWS Challenges, do:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>helm repo add wrongsecrets https:\/\/wrongsecrets.github.io\/wrongsecrets-ctf-party\r\n\r\nhelm upgrade --install my-wrongsecrets-ctf-party wrongsecrets\/wrongsecrets-ctf-party\r<\/code><\/pre>\n\n\n\n<p><strong>Play with Minikube:<\/strong><\/p>\n\n\n\n<p>** NOTE: The below steps require at least minikube version v1.30.1 and yq (<a href=\"https:\/\/github.com\/mikefarah\/yq\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">https:\/\/github.com\/mikefarah\/yq\/<\/a>) version v4.34.1. **<\/p>\n\n\n\n<p><strong>For minikube, run:<\/strong><\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>\r\nminikube start  --cpus=6 --memory=10000MB --network-plugin=cni --cni=calico --driver=docker --kubernetes-version=1.25.6\r\neval $(minikube docker-env)\r\n.\/build-and-deploy-container.sh\r\nkubectl port-forward service\/wrongsecrets-balancer 3000:3000\r<\/code><\/pre>\n\n\n\n<p>or use&nbsp;<code>build-and-deploy-container-minikube.sh<\/code>&nbsp;to do all of the above in one script.<\/p>\n\n\n\n<p>Want to know whether your system is holding up? useminikube addons enable metrics-server kubectl top nodes kubectl top pods.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#develop-with-minikube\"><\/a><strong>Develop with Minikube<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>\r\nminikube start  --cpus=6 --memory=10000MB --network-plugin=cni --cni=calico --driver=docker --kubernetes-version=1.25.6\r\neval $(minikube docker-env)\r\n.\/build-and-deploy.sh\r\nkubectl port-forward service\/wrongsecrets-balancer 3000:3000\r<\/code><\/pre>\n\n\n\n<p>or use\u00a0<code>build-and-deploy-minikube.sh<\/code>\u00a0to do all of the above in one script.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#play-with-aws-eks\"><\/a><strong>Play with AWS EKS:<\/strong><\/h3>\n\n\n\n<p>** NOTE: SEE SECTIONS ABOVE ABOUT WHAT YOU NEED AND THE COST OF THINGS: This project is not responsible, and will not pay for any part of your AWS bill. **<\/p>\n\n\n\n<p>For AWS EKS follow the instructions in the&nbsp;<code>\/aws<\/code>&nbsp;folder. This setup also includes a helm installation of CTFd.<\/p>\n\n\n\n<p>Then open a browser and go to\u00a0<a href=\"http:\/\/localhost:3000\/\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">localhost:3000<\/a>\u00a0and have fun \ud83d\ude00 .<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#some-production-notes\"><\/a><strong>Some production notes<\/strong><\/h3>\n\n\n\n<p>See\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/blob\/main\/guides\/production-notes\/production-notes.md\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">production notes<\/a>\u00a0for a checklist of values you&#8217;ll likely need to configure before using Wrongsecrets-ctf-party in proper events.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#customizing-the-setup\"><\/a><strong>Customizing the Setup<\/strong><\/h3>\n\n\n\n<p>You got some options on how to setup the stack, with some option to customize the WrongSecrets and Virtual desktop instances to your own liking. You can find the default config values under:\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/blob\/main\/helm\/wrongsecrets-ctf-party\/values.yaml\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">helm\/wrongsecrets-ctf-party\/values.yaml<\/a>.<\/p>\n\n\n\n<p>The default ctfd config values are here:\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/blob\/main\/aws\/k8s\/ctfd-values.yaml\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">aws\/k8s\/ctfd-values.yaml<\/a>. Note that these values are not used, and instead only se in the file\u00a0<a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party\/blob\/main\/aws\/build-and-deploy-aws.sh\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">aws\/build-and-deploy-aws.sh<\/a>.<\/p>\n\n\n\n<p>Download &amp; Save the file and tell helm to use your config file over the default by running:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>helm repo add wrongsecrets https:\/\/wrongsecrets.github.io\/wrongsecrets-ctf-party\r\n\r\nhelm install -f values.yaml my-wrongsecrets-ctf-party wrongsecrets\/wrongsecrets-ctf-party<\/code><\/pre>\n\n\n\n<h3 class=\"wp-block-heading\"><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#deinstallation\"><\/a><strong>Deinstallation<\/strong><\/h3>\n\n\n\n<pre class=\"wp-block-code\"><code>helm delete my-wrongsecrets-ctf-party<\/code><\/pre>\n\n\n\n<p>And if you are running AWS (including CTFd):<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>helm delete ctfd -n ctfd<\/code><\/pre>\n\n\n\n<p><a href=\"https:\/\/github.com\/OWASP\/wrongsecrets-ctf-party#faq\"><\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems. Our platform is made for dynamic, multi-tenant CTF games. It was made possible by the pioneering work of the OWASP MultiJuicer. Whether you&#8217;re a contestant who wants to take on the tasks or an organizer who wants a simple [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":29973,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20],"tags":[6163,731,6164,6162],"class_list":["post-29970","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","tag-ctf-capture-the-flag","tag-cyber-security","tag-multi-tenant-setup","tag-owasp-wrongsecrets"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>OWASP WrongSecrets: Multi-Tenant CTF Party Setup<\/title>\n<meta name=\"description\" content=\"Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OWASP WrongSecrets: Multi-Tenant CTF Party Setup\" \/>\n<meta property=\"og:description\" content=\"Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2023-09-04T10:35:04+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-09-04T10:35:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"OWASP WrongSecrets: Multi-Tenant CTF Party Setup\",\"datePublished\":\"2023-09-04T10:35:04+00:00\",\"dateModified\":\"2023-09-04T10:35:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/\"},\"wordCount\":1109,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp\",\"keywords\":[\"CTF (Capture The Flag)\",\"Cyber Security\",\"Multi-Tenant Setup\",\"OWASP WrongSecrets\"],\"articleSection\":[\"Cyber security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/\",\"name\":\"OWASP WrongSecrets: Multi-Tenant CTF Party Setup\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp\",\"datePublished\":\"2023-09-04T10:35:04+00:00\",\"dateModified\":\"2023-09-04T10:35:05+00:00\",\"description\":\"Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage\",\"url\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp\",\"contentUrl\":\"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp\",\"width\":\"728\",\"height\":\"380\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OWASP WrongSecrets: Multi-Tenant CTF Party Setup","description":"Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/","og_locale":"en_US","og_type":"article","og_title":"OWASP WrongSecrets: Multi-Tenant CTF Party Setup","og_description":"Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems.","og_url":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2023-09-04T10:35:04+00:00","article_modified_time":"2023-09-04T10:35:05+00:00","og_image":[{"url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","type":"","width":"","height":""}],"author":"Varshini","twitter_card":"summary_large_image","twitter_image":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"OWASP WrongSecrets: Multi-Tenant CTF Party Setup","datePublished":"2023-09-04T10:35:04+00:00","dateModified":"2023-09-04T10:35:05+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/"},"wordCount":1109,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","keywords":["CTF (Capture The Flag)","Cyber Security","Multi-Tenant Setup","OWASP WrongSecrets"],"articleSection":["Cyber security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/","url":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/","name":"OWASP WrongSecrets: Multi-Tenant CTF Party Setup","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage"},"thumbnailUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","datePublished":"2023-09-04T10:35:04+00:00","dateModified":"2023-09-04T10:35:05+00:00","description":"Welcome to OWASP WrongSecrets CTF Party, where Capture The Flag tasks meet scalability without any problems.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/owasp-wrongsecrets\/#primaryimage","url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","contentUrl":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","width":"728","height":"380"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEje-uPNV-XmRkIbHEuZPxOhuIO-gHR_8qq50DMc4yjlmrohyzRwMQO3g-5fqcH0QS7IQ3HcQuZhAEyk81gpKivRPusA8ZaqaphsNsLnPVHQPOh22gZhmURswVDn82e7vbvSC7KRfFbkAxTccXb8Mnx2a3LbuvjWJBoYDN8k1wCZPRvti7a6x33lchld5A\/s16000\/OWASP%20WrongSecrets%20-%20Multi-Tenant%20CTF%20Party%20Setup.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":33483,"url":"https:\/\/kalilinuxtutorials.com\/awesome-mobile-ctf\/","url_meta":{"origin":29970,"position":0},"title":"Awesome-Mobile-CTF : The Ultimate Guide To Mobile Capture The Flag Challenges And Resources","author":"Varshini","date":"June 26, 2024","format":false,"excerpt":"This is a curated list of mobile based CTFs, write-ups and vulnerable mobile apps. Most of them are android based due to the popularity of the platform. Inspired by\u00a0android-security-awesome,\u00a0osx-and-ios-security-awesome\u00a0and all the other awesome security lists on\u00a0@github. Mobile CTF Challenges Google CTF 2021 Google CTF 2020\u00a0writeup 1,\u00a0writeup 2 HacktivityCon CTF Mobile\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEhaD_o6agrudUKWtXM4SFWyFm0lwzPsjW32PkxdizcBx05caEPkUy7hkEgvzj_odaQQGI8YgkUwYb2lcXJnC8r1lgoTPkpM1rug3I84zvQDdiRbnSBu1XT7wS1pblXAWGzBWZOyI5a4c44q26moRFNm1o2XvoEBfAx3z45wgFr3RdqaqJCTEAuB44RFjCJn\/s16000\/Awesome-Mobile-CTF%20.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":32278,"url":"https:\/\/kalilinuxtutorials.com\/awesome-ctf\/","url_meta":{"origin":29970,"position":1},"title":"Awesome CTF &#8211; The Comprehensive Toolkit For Capture The Flag Challenges","author":"Varshini","date":"March 12, 2024","format":false,"excerpt":"A curated list of\u00a0Capture The Flag\u00a0(CTF) frameworks, libraries, resources, softwares and tutorials. This list aims to help starters as well as seasoned CTF players to find everything related to CTFs at one place. Contributing Please take a quick look at the\u00a0contribution guidelines\u00a0first. If you know a tool that isn't present\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgOc4B53VJCVd3dDNqhOnvywQFozKS9GMsb8HFYBYGePlIKBYcF88G-A2cktwLx1H3T7QHcoozUH20POq5YGWFGBjMqkrRwP-e4ivMetTcM4tzcBTWUE38-RzqCdG_tWEgCPUvekBjZ2_UhugUPzyCkQ99NLIw7fwyGQD8IbK1yguGIU-1YVdUbeGJvXUmx\/s16000\/CVE-2023-6000%20PoC%20%282%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":9449,"url":"https:\/\/kalilinuxtutorials.com\/multijuicer\/","url_meta":{"origin":29970,"position":2},"title":"MultiJuicer : Run Capture Flags &#038; Security Trainings With OWASP Juice Shop","author":"R K","date":"March 1, 2020","format":false,"excerpt":"MultiJuicer is a tool used to run capture the flags and security trainings with OWASP juice shop . Running CTFs and Security Trainings with OWASP Juice Shop is usually quite tricky, Juice Shop just isn't intended to be used by multiple users at a time. Instructing everybody how to start\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":32308,"url":"https:\/\/kalilinuxtutorials.com\/awesome-hacking\/","url_meta":{"origin":29970,"position":3},"title":"Awesome Hacking &#8211; An Amazing Project : The Ultimate Resource Guide For Cybersecurity Exploration","author":"Varshini","date":"March 13, 2024","format":false,"excerpt":"A curated list of awesome Hacking. Inspired by\u00a0awesome-machine-learning If you want to contribute to this list (please do), send me a pull request! For a list of free hacking books available for download, go\u00a0here Table Of Contents System Tutorials Tools Docker General Reverse Engineering Tutorials Tools General Web Tools General\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgavcLNXzp9UC50S5QxiCL6REBEcZxY98rY13kQI7ogzVbJFY7J_uvhit2oYWyOtIgBs6pCJUp5f_rWlunSQZd_rA2wO8Oop1Shjtj6yj3dUEI2o42GkbA6fk_lFHw1lsZBkowTxv0p-QPmK4cCTEPUJAZLXAJYP8hupyvpfSzvCtd0lbF1E3S8TnrwMiwI\/s16000\/Awesome%20Hacking.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgavcLNXzp9UC50S5QxiCL6REBEcZxY98rY13kQI7ogzVbJFY7J_uvhit2oYWyOtIgBs6pCJUp5f_rWlunSQZd_rA2wO8Oop1Shjtj6yj3dUEI2o42GkbA6fk_lFHw1lsZBkowTxv0p-QPmK4cCTEPUJAZLXAJYP8hupyvpfSzvCtd0lbF1E3S8TnrwMiwI\/s16000\/Awesome%20Hacking.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgavcLNXzp9UC50S5QxiCL6REBEcZxY98rY13kQI7ogzVbJFY7J_uvhit2oYWyOtIgBs6pCJUp5f_rWlunSQZd_rA2wO8Oop1Shjtj6yj3dUEI2o42GkbA6fk_lFHw1lsZBkowTxv0p-QPmK4cCTEPUJAZLXAJYP8hupyvpfSzvCtd0lbF1E3S8TnrwMiwI\/s16000\/Awesome%20Hacking.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgavcLNXzp9UC50S5QxiCL6REBEcZxY98rY13kQI7ogzVbJFY7J_uvhit2oYWyOtIgBs6pCJUp5f_rWlunSQZd_rA2wO8Oop1Shjtj6yj3dUEI2o42GkbA6fk_lFHw1lsZBkowTxv0p-QPmK4cCTEPUJAZLXAJYP8hupyvpfSzvCtd0lbF1E3S8TnrwMiwI\/s16000\/Awesome%20Hacking.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgavcLNXzp9UC50S5QxiCL6REBEcZxY98rY13kQI7ogzVbJFY7J_uvhit2oYWyOtIgBs6pCJUp5f_rWlunSQZd_rA2wO8Oop1Shjtj6yj3dUEI2o42GkbA6fk_lFHw1lsZBkowTxv0p-QPmK4cCTEPUJAZLXAJYP8hupyvpfSzvCtd0lbF1E3S8TnrwMiwI\/s16000\/Awesome%20Hacking.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgavcLNXzp9UC50S5QxiCL6REBEcZxY98rY13kQI7ogzVbJFY7J_uvhit2oYWyOtIgBs6pCJUp5f_rWlunSQZd_rA2wO8Oop1Shjtj6yj3dUEI2o42GkbA6fk_lFHw1lsZBkowTxv0p-QPmK4cCTEPUJAZLXAJYP8hupyvpfSzvCtd0lbF1E3S8TnrwMiwI\/s16000\/Awesome%20Hacking.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":32737,"url":"https:\/\/kalilinuxtutorials.com\/flagger\/","url_meta":{"origin":29970,"position":4},"title":"Flagger &#8211; A Powerful CLI Tool For Crafting CTF Exploits","author":"Varshini","date":"April 12, 2024","format":false,"excerpt":"Discover the power of Flagger, a streamlined command-line interface tool designed for cybersecurity enthusiasts and professionals alike. Crafted specifically for Capture The Flag (CTF) competitions, Flagger integrates seamlessly with pwntools to facilitate the development of effective exploits. Whether handling HTTP requests or managing custom scripts, Flagger is your go-to tool\u2026","rel":"","context":"In &quot;Exploitation Tools&quot;","block_context":{"text":"Exploitation Tools","link":"https:\/\/kalilinuxtutorials.com\/category\/et\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiOyFaKkS-d5dV08WhlDsrj97xeXwEWI5fc7V6DVET53A7Wc0Nx8PGMBGIh2dr60_-1QLvPA1-pYdwXrDMfH_KyUgtxxBf733dG5mjpN2eQF77o9Hpin_cjQCg3Ix9uppUbBZDLU0SL1flUP2BLb7P8-1CMISVrqQ4hKp59MQd_m-BRtOGN19X_89HBjEM6\/s16000\/Security%20Flaw%20%285%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":12384,"url":"https:\/\/kalilinuxtutorials.com\/ctf-party\/","url_meta":{"origin":29970,"position":5},"title":"CTF-Party : A Ruby Library To Enhance &#038; Speed Up Script\/Exploit","author":"R K","date":"March 31, 2021","format":false,"excerpt":"CTF-Party is a library to enhance and speed up script\/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but mostly focused on CTF) by patching the String class to add a short syntax of usual code patterns. The philosophy is also to keep the library to be\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/29970","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=29970"}],"version-history":[{"count":4,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/29970\/revisions"}],"predecessor-version":[{"id":29976,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/29970\/revisions\/29976"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/29973"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=29970"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=29970"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=29970"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}