{"id":13797038,"url":"https://github.com/a0xnirudh/kurukshetra","last_synced_at":"2025-05-13T02:31:05.652Z","repository":{"id":50320561,"uuid":"127381992","full_name":"a0xnirudh/kurukshetra","owner":"a0xnirudh","description":"Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.","archived":false,"fork":false,"pushed_at":"2019-06-11T07:41:51.000Z","size":7054,"stargazers_count":142,"open_issues_count":1,"forks_count":22,"subscribers_count":10,"default_branch":"master","last_synced_at":"2024-08-04T23:10:51.886Z","etag":null,"topics":["appsec","infosec","php","secure-coding","security"],"latest_commit_sha":null,"homepage":"https://kurukshetra.io","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/a0xnirudh.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-03-30T04:37:28.000Z","updated_at":"2024-06-16T05:28:19.000Z","dependencies_parsed_at":"2022-09-24T12:21:14.421Z","dependency_job_id":null,"html_url":"https://github.com/a0xnirudh/kurukshetra","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a0xnirudh%2Fkurukshetra","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a0xnirudh%2Fkurukshetra/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a0xnirudh%2Fkurukshetra/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/a0xnirudh%2Fkurukshetra/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/a0xnirudh","download_url":"https://codeload.github.com/a0xnirudh/kurukshetra/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225167367,"owners_count":17431590,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","infosec","php","secure-coding","security"],"created_at":"2024-08-03T23:01:20.535Z","updated_at":"2024-11-18T11:30:36.959Z","avatar_url":"https://github.com/a0xnirudh.png","language":"PHP","funding_links":[],"categories":["PHP","\u003ca id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集","PHP (184)"],"sub_categories":[],"readme":"# Kurukshetra \u0026nbsp; [![Tweet](https://img.shields.io/twitter/url/http/shields.io.svg?style=social)](https://twitter.com/intent/tweet?text=Kurukshetra%20-%20A%20framework%20for%20teaching%20secure%20coding%20by%20means%20of%20interactive%20problem%20solving!\u0026url=https://github.com/a0xnirudh/kurukshetra\u0026via=a0xnirudh\u0026hashtags=security,infosec,bugbounty,SecureCoding)\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"/staticfiles/img/logo.png\" alt=\"Kurukshetra\"/\u003e\n\u003c/p\u003e\n\n[![Github Release Version](https://img.shields.io/badge/release-V2.0-green.svg)](https://github.com/a0xnirudh/kurukshetra)\n[![Github Release Version](https://img.shields.io/badge/php-7.2-green.svg)](https://github.com/a0xnirudh/kurukshetra)\n[![License](https://img.shields.io/badge/License-GPL%20v3-green.svg)](https://github.com/a0xnirudh/kurukshetra/blob/master/LICENSE)\n[![Kurukshetra loves Open source](https://badges.frapsoft.com/os/v1/open-source.svg?v=103)](https://github.com/a0xnirudh/kurukshetra)\n[![Follow Kurukshetra on Twitter](https://img.shields.io/twitter/follow/kurukshetrahq.svg?style=social\u0026label=Follow%20%40kurukshetra)](https://twitter.com/intent/user?screen_name=KurukshetraHQ \"Follow Kurukshetra on Twitter\")\n\n**Kurukshetra** is a web framework that’s developed with the aim of being the first open source framework which provides a solid foundation to host reasonably complex **secure coding** challenges while still providing the ability to efficiently and dynamically execute each challenge on the basis of user input in a secure sandboxed environment.\n\nKurukshetra is composed of two components, the backend framework written in PHP, which manages and leverages the underlying docker system to provide the secure **sandbox** for the challenge execution, and the frontend, which is a user facing web app providing all the necessary controls, for the admin to host and modify the challenges , and the user to execute and view the result of each of his input.\n\n\n## Detailed Tool Documentation:\n\u003e [https://0daylabs.com/kurukshetra/](https://0daylabs.com/kurukshetra/)\n\n## Installation\n\n### Supported Platforms\n\nKurukshetra has been tested both on **Ubuntu/Debian** (apt-get based distros) and as well as **Mac OS**. It should ideally work with any linux based distributions with PHP 7.2, MySQL and Docker (along with [remote API enabled](https://docs.docker.com/engine/api/v1.24/)) installed.\n\n### Prerequisites:\n\nThere are a few packages which are necessary before proceeding with the installation:\n\n* Git client: `sudo apt-get install git`\n* PHP 7.2: Read the [instructions](https://askubuntu.com/a/856794) on how to install on ubuntu (along with php-curl - `sudo apt-ge install php7.2-curl php7.2-mbstring php7.2-mysql`)\n* MySQL: `sudo apt-get install mysql-server`\n* Docker: Read the [official installation](https://docs.docker.com/install/) guide (Also: [ubuntu installation](https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-on-ubuntu-16-04))\n* Enable Docker API: Read - [How do I enable the remote Docker API](https://success.docker.com/article/how-do-i-enable-the-remote-api-for-dockerd)\n* Create a folder `/var/config/` with write permission to `www-data` user\n\n\n### Installing\n\nInstalling is as simple as moving the downloaded files into webroot:\n\n```bash\ngit clone https://github.com/a0xnirudh/kurukshetra.git\ncd kurukshetra\ncp -r * /var/www/html/\nchmod 755 -R /var/www/html\n```\n\n* Move all the files into webroot (which is usually `/var/www/html`): `cp -r kurukshetra/* /var/www/html`\n* Give appropriate permissions for the moved files: `chmod 755 -R /var/www/html/`\n* Give `challenges/uploads` directory write permissions for `www-data` user (see `uploads/README.md`).\n* Visit `http://localhost` or `http://127.0.0.1` to navigate into installation (will auto redirect into /installation/).\n\n\u003cp align=\"center\"\u003e\n\u003cimg src=\"/staticfiles/img/install.png\" width=\"700\"\u003e\n\u003c/p\u003e\n\n* Enter the MySQL DB credentials (user should have the permission to create database) and click on validate to see if the credentials are correct.\n* Enter the Google OAuth `Client ID` and `Client secret` and make sure the redirect URL is set to the path `http://your-domain.com/login/index.php`\n\n### Configuring Docker\n\nKurukshetra make uses of Dockers API's for running the user submitted code. A one time configuration is required before we can make use of the docker API's which is as follows:\n\n* Pull the docker image: `docker pull phusion/baseimage:latest`\n* Goto installation directory: `cd installation/optional/`\n* Build kurukshetra image from the Dockerfile: `docker build -t kurukshetra .`\n\nAlternatively, you can just run `python install.py` from within the directory `installation/optional` which will go ahead and install Docker (if not installed already) and will configure the Kurukshetra docker image automatically.\n\n## Roadmap\n\nThe following are couple of ideas which we have in mind to do going ahead with Kurukshetra. If you have any ideas/feature requests which is not listed below, feel free to raise an [issue in github](https://github.com/a0xnirudh/kurukshetra/issues).\n\n* Support for more languages including but not limited to JAVA, NodeJs and Ruby on Rails.\n\n* Write more challenges along with unittests to cover all the  OWASP Top 10 vulnerabilities.\n\n* Gamification of the whole framework by introducing scorebard based on challenge solving points (predefined points are already available for challenges based on difficulties).\n\n## Screenshots\n\n1. Challenge listing page:\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"/staticfiles/img/challenge_listing.png\" alt=\"Kurukshetra\"/\u003e\n\u003c/p\u003e\n\n2. Challenge solving page:\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"/staticfiles/img/challenge_solving.png\" alt=\"Kurukshetra\"/\u003e\n\u003c/p\u003e\n\n3. Admin portal (statictics):\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"/staticfiles/img/admin_dashboard.png\" alt=\"Kurukshetra\"/\u003e\n\u003c/p\u003e\n\n4. Admin challenge edit/add challenges:\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"/staticfiles/img/admin_challenge_page.png\" alt=\"Kurukshetra\"/\u003e\n\u003c/p\u003e\n\n\n## Video demo (Admin Functionalities)\n\n\u003cdiv align=\"center\"\u003e\n  \u003ca href=\"https://www.youtube.com/watch?v=yrfmyz3p9a4\" target=\"_blank\"\u003e\u003cimg src=\"/staticfiles/img/video_thumbnail.png\" alt=\"Kurukshetra Admin functionalities\"\u003e\u003c/a\u003e\n\u003c/div\u003e\n\n\n## Contributors\n\nAwesome people who built this project:\n\n##### Lead Developers:\n\nAnirudh Anand ([@a0xnirudh](https://twitter.com/a0xnirudh))  \nMohan KK ([@MohanKallepalli](https://twitter.com/MohanKallepalli))  \n\n##### Project Contributors:\n\nArjun T U ([@arjunkikz](https://twitter.com/arjunkikz))  \nDurga Subramanian ([@0xdug](https://twitter.com/0xdug))  \nAnkur Bhargava ([@_AnkurB](https://twitter.com/_AnkurB))  \nPrajal Kulkarni ([@prajalkulkarni](https://twitter.com/prajalkulkarni))  \n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fa0xnirudh%2Fkurukshetra","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fa0xnirudh%2Fkurukshetra","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fa0xnirudh%2Fkurukshetra/lists"}