OpenAttackDefenseTools / tulip

Network analysis tool for Attack Defence CTF
GNU General Public License v3.0
287 stars 41 forks

Define flag regex per service instead of global #21

Open Fxr12042 opened 1 year ago

Fxr12042 commented 1 year ago

Not all CTFs maintain flag format over different services. It would be good to either define a global flag format or define a format (based on regex) per service, preferably in configurations.py with the services definitions.

RickdeJager commented 1 year ago

I agree this would be a useful feature to have, but imo it would be better to move the config to some central format that both the webserver and the importer can understand.

I'm quite busy at the moment, and with ICSC (and ECSC) around the corner it will be a while before this repo sees any new big features.

To work around this shortcoming, what you could do is use the Suricata plugin to populate the tags. That way you can use all of the context that Suricata provides to create separate alert rules for each flag format.
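
A sketch of the per-service flag format requested in this issue, added here as an illustration and not taken from tulip's code. The `flag_regex` key, the flow layout, the `flag-in`/`flag-out` tag names, and all addresses and flag values are assumptions constructed for the example.

```python
import re

# Assumed layout: service entries with a hypothetical optional "flag_regex"
# key; entries without it fall back to the global pattern.
GLOBAL_FLAG_REGEX = rb"[A-Z0-9]{31}="
SERVICES = [
    {"ip": "10.10.3.1", "port": 5000, "name": "notes"},
    {"ip": "10.10.3.1", "port": 8080, "name": "shop",
     "flag_regex": rb"FLAG\{[0-9a-f]{32}\}"},
]


def compile_services(services, default=GLOBAL_FLAG_REGEX):
    """Map (ip, port) -> (service name, compiled flag pattern)."""
    table = {}
    for svc in services:
        pattern = re.compile(svc.get("flag_regex", default))
        table[(svc["ip"], svc["port"])] = (svc["name"], pattern)
    return table


def tag_flow(flow, table, default=GLOBAL_FLAG_REGEX):
    """Return (service name, sorted tags) for one reassembled flow."""
    key = (flow["dst_ip"], flow["dst_port"])
    name, regex = table.get(key, ("unknown", re.compile(default)))
    tags = set()
    for item in flow["items"]:
        if regex.search(item["data"]):
            # Client data carrying a flag is a flag being planted;
            # service data carrying one is a flag leaving our service.
            tags.add("flag-in" if item["from"] == "c" else "flag-out")
    return name, sorted(tags)


# Constructed sample flows: "c" = remote client, "s" = our service.
SHOP_FLAG = b"FLAG{" + b"0123456789abcdef" * 2 + b"}"
NOTES_FLAG = b"Q7" * 15 + b"Z="
FLOWS = [
    {"dst_ip": "10.10.3.1", "dst_port": 8080, "items": [
        {"from": "c", "data": b"GET /order/1 HTTP/1.1\r\n\r\n"},
        {"from": "s", "data": b"HTTP/1.1 200 OK\r\n\r\n" + SHOP_FLAG}]},
    {"dst_ip": "10.10.3.1", "dst_port": 5000, "items": [
        {"from": "c", "data": b"put " + NOTES_FLAG + b"\n"},
        {"from": "s", "data": b"ok\n"}]},
    # Looks like a flag under the global pattern, but is not one for "shop".
    {"dst_ip": "10.10.3.1", "dst_port": 8080, "items": [
        {"from": "s", "data": b"session=" + NOTES_FLAG}]},
]

if __name__ == "__main__":
    table = compile_services(SERVICES)
    for flow in FLOWS:
        print(tag_flow(flow, table))
```

The third flow is the case the issue is about: a single global pattern would tag it as a flag leaving the `shop` service, while the per-service pattern leaves it untagged.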