kurukshetra

by a0xnirudh

a0xnirudh / kurukshetra

Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

129 Stars 19 Forks Last release: almost 2 years ago (v2.0) GNU General Public License v3.0 71 Commits 2 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

Kurukshetra   Tweet

Kurukshetra

Github Release Version Github Release Version License Kurukshetra loves Open source Follow Kurukshetra on Twitter

Kurukshetra is a web framework that’s developed with the aim of being the first open source framework which provides a solid foundation to host reasonably complex secure coding challenges while still providing the ability to efficiently and dynamically execute each challenge on the basis of user input in a secure sandboxed environment.

Kurukshetra is composed of two components, the backend framework written in PHP, which manages and leverages the underlying docker system to provide the secure sandbox for the challenge execution, and the frontend, which is a user facing web app providing all the necessary controls, for the admin to host and modify the challenges , and the user to execute and view the result of each of his input.

Detailed Tool Documentation:

https://docs.kurukshetra.io

Installation

Supported Platforms

Kurukshetra has been tested both on Ubuntu/Debian (apt-get based distros) and as well as Mac OS. It should ideally work with any linux based distributions with PHP 7.2, MySQL and Docker (along with remote API enabled) installed.

Prerequisites:

There are a few packages which are necessary before proceeding with the installation:

Installing

Installing is as simple as moving the downloaded files into webroot:

git clone https://github.com/a0xnirudh/kurukshetra.git
cd kurukshetra
cp -r * /var/www/html/
chmod 755 -R /var/www/html
  • Move all the files into webroot (which is usually
    /var/www/html
    ):
    cp -r kurukshetra/* /var/www/html
  • Give appropriate permissions for the moved files:
    chmod 755 -R /var/www/html/
  • Give
    challenges/uploads
    directory write permissions for
    www-data
    user (see
    uploads/README.md
    ).
  • Visit
    http://localhost
    or
    http://127.0.0.1
    to navigate into installation (will auto redirect into /installation/).

  • Enter the MySQL DB credentials (user should have the permission to create database) and click on validate to see if the credentials are correct.
  • Enter the Google OAuth
    Client ID
    and
    Client secret
    and make sure the redirect URL is set to the path
    http://your-domain.com/login/index.php

Configuring Docker

Kurukshetra make uses of Dockers API's for running the user submitted code. A one time configuration is required before we can make use of the docker API's which is as follows:

  • Pull the docker image:
    docker pull phusion/baseimage:latest
  • Goto installation directory:
    cd installation/optional/
  • Build kurukshetra image from the Dockerfile:
    docker build -t kurukshetra .

Alternatively, you can just run

python install.py
from within the directory
installation/optional
which will go ahead and install Docker (if not installed already) and will configure the Kurukshetra docker image automatically.

Roadmap

The following are couple of ideas which we have in mind to do going ahead with Kurukshetra. If you have any ideas/feature requests which is not listed below, feel free to raise an issue in github.

  • Support for more languages including but not limited to JAVA, NodeJs and Ruby on Rails.

  • Write more challenges along with unittests to cover all the OWASP Top 10 vulnerabilities.

  • Gamification of the whole framework by introducing scorebard based on challenge solving points (predefined points are already available for challenges based on difficulties).

Screenshots

  1. Challenge listing page:

Kurukshetra

  1. Challenge solving page:

Kurukshetra

  1. Admin portal (statictics):

Kurukshetra

  1. Admin challenge edit/add challenges:

Kurukshetra

Video demo (Admin Functionalities)

Kurukshetra Admin functionalities

Contributors

Awesome people who built this project:

Lead Developers:

Anirudh Anand (@a0xnirudh)
Mohan KK (@MohanKallepalli)

Project Contributors:

Arjun T U (@arjunkikz)
Durga Subramanian (@0xdug)
Ankur Bhargava (@_AnkurB)
Prajal Kulkarni (@prajalkulkarni)

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.