{"id":15798449,"url":"https://github.com/0x0elliot/xss-ctf-with-python","last_synced_at":"2026-05-09T07:03:26.512Z","repository":{"id":115258802,"uuid":"394081269","full_name":"0x0elliot/XSS-CTF-With-Python","owner":"0x0elliot","description":"A Web CTF that was originally made for AppSec Village DEFCON 29 CTFs [5th August 2021 - 8th August 2021] and had the name \"Send me something interesting!\"","archived":false,"fork":false,"pushed_at":"2021-09-16T08:49:11.000Z","size":2682,"stargazers_count":2,"open_issues_count":1,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-11-30T03:51:00.223Z","etag":null,"topics":["backend","browser","css","ctf","defcon","flask","headless","html","python","selenium","xss"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/0x0elliot.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-08-08T22:28:04.000Z","updated_at":"2025-06-28T22:22:20.000Z","dependencies_parsed_at":null,"dependency_job_id":"23449bfa-1e18-4f8f-bb9b-1155a127560b","html_url":"https://github.com/0x0elliot/XSS-CTF-With-Python","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/0x0elliot/XSS-CTF-With-Python","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x0elliot%2FXSS-CTF-With-Python","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x0elliot%2FXSS-CTF-With-Python/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x0elliot%2FXSS-CTF-With-Python/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x0elliot%2FXSS-CTF-With-Python/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/0x0elliot","download_url":"https://codeload.github.com/0x0elliot/XSS-CTF-With-Python/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/0x0elliot%2FXSS-CTF-With-Python/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32810381,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-08T08:22:46.396Z","status":"online","status_checked_at":"2026-05-09T02:00:06.633Z","response_time":123,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backend","browser","css","ctf","defcon","flask","headless","html","python","selenium","xss"],"created_at":"2024-10-05T00:41:35.865Z","updated_at":"2026-05-09T07:03:26.497Z","avatar_url":"https://github.com/0x0elliot.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# XSS CTF With Python\nA Web CTF that was originally made for AppSec Village DEFCON 29 CTFs and had the name \u003cb\u003e\"Send me something interesting!\"\u003c/b\u003e\n\n\u003cimg src = \"https://i.imgur.com/qsWsFf7.png\" /\u003e\u003cbr\u003e\n\u003cimg src = \"https://i.imgur.com/OyedNhN.png\" /\u003e\n\u003cbr\u003e\n\n\u003ch1\u003eHow to launch deploy this?\u003c/h1\u003e\n\n\u003cp\u003e\n  It's very simple to deploy.\u003cbr\u003e \n  1. First go to \u003ccode\u003e\"config.json\"\u003c/code\u003e and add the ReCaptcha tokens. You can get them from \u003ca href = \"https://www.google.com/recaptcha/\"\u003ehere.\u003c/a\u003e\u003cbr\u003e\n  \n  I have left the test keys provided by google so that it is always ready to be deployed and tested locally. Similarly, When you're deploying the CTF then it's recomended to\n  change the host to whatever your host is!\n  \u003cbr\u003e\n  \n  2. \u003ccode\u003esudo docker-compose up\u003c/code\u003e It's that simple!\n\u003c/p\u003e\n\n\u003ch1\u003eWhy Does this CTF exist?\u003c/h1\u003e\n\n\u003cp\u003e\n  When I thought about creating a CTF, I thought I might look around in the community to understand exactly what kind of CTFs are being used out there written in Python\n  and dealing with XSS. I noticed that most that I found used Js and Python integration. Often times those integrations were done through the subprocesses module using\n  the command line with the link of the site that has to be visited by the bot being sent as a command line argument. I didn't like this and wanted to put in enough effort\n  to make a stand-alone Python only XSS challenge that didn't require any other tech stack so that the InfoSec community can learn from each other!\n\n\u003c/p\u003e\n\n\u003ch1\u003eFound a bug in this code Or want to improve certain aspect of it?\u003c/h1\u003e\n\nGo ahead, do your thing. I will respond to issues as quickly as possible for fixes. Right now, There isn't any immediate issue I would open formally as I plan on\nExpanding on this CTF in upcoming events and add 2-3 more layers to it. But If you feel like doing something, I would say the frontend of the site was a bit too rushed.\nIf someone helped prettify it, it would be great!\n\n\u003ch1\u003eSolutions by the community: \u003c/h1\u003e\n\n\u003cul\u003e\n  \u003cli\u003e\n    \u003ca href = \"https://www.eivindarvesen.com/blog/2021/08/10/appsec-village-def-con-29-ctf-writeup\"\u003eGo to the last section of this write up and you will find a section with the name \"Send Me Something Interesting!\"\u003c/a\u003e\n  \u003c/li\u003e\n\u003c/ul\u003e\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x0elliot%2Fxss-ctf-with-python","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F0x0elliot%2Fxss-ctf-with-python","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F0x0elliot%2Fxss-ctf-with-python/lists"}