🟣Perp

A Red/Blue Team Competition Network

TLDR

Perp is a Purple Team Competition Network built entirely within Docker Compose, which lets it run extremely cheaply on a single EC2 machine. GitHub

Background

I have competed in a number of purple-team-type competitions in the past, most recently Red Team Rumble this past summer at DefCon, ISTS, and an unnamed competition from a certain agency... My school's cyber club was looking to put on a similar style of competition for our CTF this year: SummitCTF. With our biggest concern being cost, I wrote this code up (with some help from a few LLMs, of course; I do enough real coding at my actual job) to be used for that competition. Quick disclosure: though it wasn't the project's original design, this was my master's capstone.

Design

I used a Docker Compose file to create the framework for the network, including setting IPs/subnets (though note that in the current published iteration subnets were removed due to networking issues; this will be changed once those are fixed), setting environment variables for initial access passwords, and populating team networks. Each machine (four in this proof of concept) has its own Dockerfile and other associated files in a separate folder. Flask was used for the websites for ease of deployment, and some other open source packages, like FTP, were also added. The scoreboard, which also runs from a Dockerfile, uses a SQL database to store valid flags and teams, which are populated by the Ansible script and the organizer respectively. Finally, the jumpbox, again running from a Dockerfile, uses OpenVPN to create a client VPN file that allows teams to access the network. This currently maxes out at 255 active connections, but this can be easily expanded by editing the Dockerfile to create additional client files.
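The scoreboard's flag store described above, as an added sketch that is not taken from the Perp repository: it uses SQLite in place of whatever SQL database the project runs, and the table layout, digest storage and function names are all assumptions. Because competitors can reach the scoreboard, every query binds its parameters and a uniqueness constraint stops a flag from being scored twice by the same team.

```python
import hashlib
import sqlite3

# Assumed schema (not the project's own). Flags are stored as SHA-256 digests so
# a leaked table does not reveal them; UNIQUE on solves blocks double scoring.
SCHEMA = """
CREATE TABLE teams (id INTEGER PRIMARY KEY, name TEXT UNIQUE NOT NULL);
CREATE TABLE flags (id INTEGER PRIMARY KEY, digest TEXT UNIQUE NOT NULL,
                    points INTEGER NOT NULL);
CREATE TABLE solves (team_id INTEGER NOT NULL REFERENCES teams(id),
    flag_id INTEGER NOT NULL REFERENCES flags(id), UNIQUE (team_id, flag_id));
"""

def digest(flag: str) -> str:
    return hashlib.sha256(flag.strip().encode()).hexdigest()

def init_db(teams, flags):
    """teams: names entered by the organizer; flags: {flag: points} from provisioning."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    db.executemany("INSERT INTO teams (name) VALUES (?)", [(t,) for t in teams])
    db.executemany("INSERT INTO flags (digest, points) VALUES (?, ?)",
                   [(digest(f), p) for f, p in flags.items()])
    db.commit()
    return db

def submit(db, team: str, flag: str) -> str:
    """Return 'accepted', 'duplicate', 'invalid' or 'unknown team'."""
    # Bound parameters only: submitted text never becomes part of the SQL string.
    team_row = db.execute("SELECT id FROM teams WHERE name = ?", (team,)).fetchone()
    if team_row is None:
        return "unknown team"
    flag_row = db.execute("SELECT id FROM flags WHERE digest = ?", (digest(flag),)).fetchone()
    if flag_row is None:
        return "invalid"
    try:
        with db:  # commits on success, rolls back if the constraint fires
            db.execute("INSERT INTO solves (team_id, flag_id) VALUES (?, ?)",
                       (team_row[0], flag_row[0]))
    except sqlite3.IntegrityError:
        return "duplicate"
    return "accepted"

def score(db, team: str) -> int:
    return db.execute(
        "SELECT COALESCE(SUM(f.points), 0) FROM solves s JOIN flags f ON f.id = s.flag_id "
        "JOIN teams t ON t.id = s.team_id WHERE t.name = ?", (team,)).fetchone()[0]
```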

Demo Video

Summary

This worked well for our competition with more than 100 competitors; maybe it can work for you too.
