Question 1

How to run juice shop ctf with Docker?

Accepted Answer

Use the command `docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf` to start the interactive CLI. For configuration files, add `--config myconfig.yml` and specify output with `--output challenges.out`. This isolates the tool without needing local Node.js installation.

Question 2

Juice shop ctf vs manual ctf setup: which is better?

Accepted Answer

Juice shop ctf automates challenge population from OWASP Juice Shop, saving hours compared to manual setup, but it's limited to pre-defined vulnerabilities. For custom or diverse challenges, manual setup offers more flexibility but requires significant effort.

Question 3

What CTF frameworks does juice shop ctf support?

Accepted Answer

It supports CTFd (version 3.7 or higher), RootTheBox (version 3.3 or higher), and FBCTF. These are popular open-source frameworks, but if you're using something else, you'll need to find an alternative tool or modify the exports manually.

Question 4

How do I configure hints in juice shop ctf?

Accepted Answer

In the configuration file, set `insertHints` to 'none', 'free', or 'paid'. During interactive mode, you'll be prompted to choose. This allows organizers to control whether hints are available and if they cost points in the CTF.

Question 5

Can I use juice shop ctf without Node.js installed?

Accepted Answer

Yes, by using the Docker container, which doesn't require local Node.js. Run `docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf` to execute the tool in an isolated environment, as detailed in the README.

Question 6

Is juice shop ctf suitable for large-scale events?

Accepted Answer

It can handle large events by exporting all Juice Shop challenges, but performance depends on the CTF framework and Juice Shop instance scalability. Use configuration files for repeatable setups and ensure your servers can handle the load.

Question 7

How to troubleshoot juice shop ctf connection errors?

Accepted Answer

Verify the Juice Shop URL is accessible and correct. Use the `--ignoreSslWarnings` flag for SSL certificate issues. Check port forwarding for Docker setups and refer to the troubleshooting section in the README for specific problems.

Juice Shop CTF

What is Juice Shop CTF?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions