Public | Automated Build

Last pushed: 10 days ago
Short Description
Capture-the-Flag (CTF) environment setup tools for OWASP Juice Shop
Full Description

OWASP Juice Shop CTF

The NPM package
lets you create a archive files for conveniently import
OWASP Juice Shop challenges into different
Capture the Flag
frameworks. This allows you to populate a CTF game server in a matter of

Supported CTF Frameworks

The following open source CTF frameworks are supported by


npm install -g juice-shop-ctf-cli


Interactive Mode

Open a command line and run:


Then follow the instructions of the interactive command line tool.

Configuration File

Instead of answering questions in the CLI you can also provide your
desired configuration in a file with the following format:

ctfFramework: CTFd | FBCTF
ctfKey: # can also be actual key instead URL
insertHints: none | free | paid
insertHintUrls: none | free | paid

You can then run the generator with:

juice-shop-ctf --config myconfig.yml

Optionally you can also choose the name of the output file:

juice-shop-ctf --config myconfig.yml --output challenges.out

Docker Container

Share your current directory with the /data volume of your
bkimminich/juice-shop-ctf Docker container and run the interactive
mode with:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf

Alternatively you can provide a configuration file via:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml

Choosing the name of the output file is also possible:

docker run -ti --rm -v $(pwd):/data bkimminich/juice-shop-ctf --config myconfig.yml --output challenges.out

For detailed step-by-step instructions and examples please refer to
the Hosting a CTF event chapter
in our (free) companion guide ebook.



If you need help with the application setup please check the
Troubleshooting section below or post your specific problem or
question in the
official Gitter Chat.

  • If using Docker Toolbox on Windows make sure that you also enable port
    forwarding for all required ports from Host to for TCP in the default VM's network adapter in
    VirtualBox. For CTFd you need to forward port 8000.


Found a bug? Got an idea for enhancement? Improvement for cheating

Feel free to
create an issue
post your ideas in the chat!
Pull requests are also highly welcome - please refer to for details.



PayPal donations via above button go to the OWASP Foundations and are
earmarked for "Juice Shop". This is the preferred and most convenient
way to support the project.

Credit Card (through RegOnline)

OWASP hosts a
donation form on RegOnline.
Refer to the
Credit card donation step-by-step
guide for help with filling out the donation form correctly.

Crypto Currency



Code Contributors

Based on GitHub commits
on master as of Tue, 10 Apr 2018


This program is free software: you can redistribute it and/or modify it
under the terms of the MIT license. OWASP Juice Shop and any
contributions are Copyright © by Bjoern Kimminich 2016-2018.

Docker Pull Command
Source Repository