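AI Skill Hub recommendation: CTF Smart Tool (CTF智能工具) is a high-quality agent workflow. Its AI composite score is 7.5, a solid showing among comparable tools. If you are looking for a dependable agent workflow solution, it is worth a closer look.
CTF Smart Tool is a complete AI agent automation workflow. Through visual node orchestration, it breaks complex multi-step tasks into clear automated flows for fully unattended processing. It integrates with hundreds of external services and APIs and suits data-processing pipelines, business automation, and AI-assisted decision systems.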
# Option 1: pip install (recommended)
pip install ctf_agents
# Option 2: install in a virtual environment (recommended for production)
python -m venv .venv
source .venv/bin/activate # Windows: .venv\Scripts\activate
pip install ctf_agents
# Option 3: install from source (latest features)
git clone https://github.com/rmjohnson12/CTF_Agents
cd CTF_Agents
pip install -e .
# Verify the installation
python -c "import ctf_agents; print('安装成功')"
# Command-line usage
ctf_agents --help
# Basic usage
ctf_agents input_file -o output_file
# Calling from Python code
import ctf_agents
# Example
result = ctf_agents.process("input")
print(result)
# ctf_agents example configuration file (config.yml)
app:
  name: "ctf_agents"
  debug: false
  log_level: "INFO"
# Specify the configuration file at run time
ctf_agents --config config.yml
# Or configure through environment variables
export CTF_AGENTS_API_KEY="your-key"
export CTF_AGENTS_OUTPUT_DIR="./output"
CTF_Agents is a Python multi-agent system for authorized Capture The Flag workflows. It routes challenge prompts to specialist agents, runs security tools through a common wrapper layer, captures observations, and iterates until it can report a result or explain what blocked progress.
The fastest way to use it is the natural-language CLI in ask.py. You describe the task, the router maps it to the best specialist, and the coordinator manages the solving loop.
- Autonomous Specialist Pivoting: The system now recognizes when a specialist (like CryptoAgent) is hitting a wall and will automatically pivot to the CodingAgent if a script is provided for analysis.
- Self-Correcting Coding Agent: The agent doesn't just write scripts; it debugs them. If an exploit fails, it reads the error logs, reasons about the failure, and iterates on the code autonomously.
- API Resilience: Built-in exponential backoff handles transient LLM failures, and NVIDIA NIM can rotate across multiple configured keys.
- Evidence-Bound LLM Recovery: Final LLM recovery suggestions are constrained by the observed trace. SQL tooling is rejected unless the run has SQL-specific evidence such as database errors, query parameters, or login/search forms, so artifact-led web challenges do not pivot to generic SQL guesses.
- Solve Trace Learning Store: Successful runs are recorded in a compact SQLite trace database with category, routing signature, artifact keys, indicators, flag prefix, and a flag hash. The raw flag is not stored, giving retrieval/training work useful examples without turning the database into an answer cache. The coordinator now retrieves similar solved traces at the start of a challenge and can use a high-confidence, untried prior route as a routing hint before asking an LLM.
- Robust Path Resolution: Intelligent path normalization handles complex file inputs, including ~/ expansion even when mixed with absolute paths.
- Source-Only Web Audits: Local web source folders are inspected for framework and dependency clues, including vulnerable React/Next.js combinations.
- Source-Guided Web Exploits: Local source can drive live payloads for JSON length/type coercion and palindrome-style validation bugs while ignoring fake local flags when a spawned target is available.
- Web Exploitation Playbooks: Browser-discovered forms can trigger archive upload, JSON/XML API, mass-assignment, XXE, JWT, and interesting-link follow-up checks.
- Evidence-Led Web Artifact Triage: Web responses are inspected for header-disclosed artifacts such as X-Archived-Path and backup notes. The web agent can fetch those paths, decode certutil/PEM-style base64 blocks, reconstruct hidden SVG text from Krita-style archives, and render binary STL/OpenSCAD projections for manual flag reading.
- Static-Source JWT Recovery: Live web targets are checked early for leaked JWT signing-key hints in HTML comments and static JavaScript. When a valid session token is present, the web agent can forge focused debug/admin claim variants and probe discovered chat/API endpoints without persisting raw secrets or forged tokens in artifacts.
- Fast Live-Web Dispatch: If ask.py has already classified a prompt as a live web challenge with an explicit URL, the coordinator dispatches the first attempt directly to web_agent instead of waiting on LLM classification or routing. LLM-assisted recovery remains available after a failed specialist run.
- HTB Code-Runner Playbooks: Web challenges exposing /run-style Python execution endpoints can submit compact solvers for coding/math tasks such as prime-product key recovery.
- Remote ret2libc Pwn Playbook: Linux ELF pwn challenges with no PIE, NX enabled, a bundled libc.so.6, and a remote host:port can be exploited without local Linux execution. The pwn agent leaks puts, computes the libc base, builds a system("/bin/sh") chain, and retrieves common flag paths.
- Hardware Logic Agent: Hardware/chip/circuit prompts can route to a specialist that combines challenge text, local files, images, and CSV tables to derive logic and decode output streams. Saleae .sal archives are inspected for analyzer metadata and decoded as UART 8N1 where applicable.
- Godot Loader Reversing: Game-loader challenges can extract Godot PCK AES keys from Windows launchers, recover/decompile scripts with GDRE Tools, model GDScript obfuscation, and replay loader network requests to retrieve split flag material from headers and payload metadata.
- Blockchain Specialist: Solidity folders can route to a Web3-backed blockchain agent that fetches HTB-style /connection_info, connects to the challenge RPC endpoint, executes deterministic contract exploits where applicable, and retrieves the remote flag. The normal ask.py path has been validated end to end against a spawned Survival-style smart-contract target.
- Secure Coding Specialist: Secure-coding/source-remediation prompts route to a dedicated agent that uses editor-style APIs to inspect source, generate focused patches for recognized vulnerability patterns, save the updated file, and call the target's verification endpoint. The current playbook covers legacy flat-file user databases vulnerable to newline/pipe row injection.
- Explicit Target Allowlisting: Remote challenge URLs, IP:port pairs, and connection-info endpoints must be approved through config/system_config.yaml or CTF_AGENTS_ALLOWED_NETWORKS; pasted challenge metadata cannot approve itself. The same policy is enforced across HTTP/browser tools, blockchain metadata fetches, raw crypto sockets, Docker readiness checks, nmap scans, and directory-discovery fallbacks.
- Reduced Secret Exposure: Challenge-facing subprocesses run with a minimal environment by default so API keys and other host secrets are not inherited by LLM-generated scripts or untrusted challenge binaries unless a tool opts in.
- Artifact Redaction By Default: Run reports, broker result messages, and the SQLite knowledge store redact sensitive keys before persistence. Browser cookies, Web Storage, and key-bearing generated scripts are not stored by default.
- Opt-In Docker Challenge Runs: Local Docker web challenge folders can be built and launched when CTF_AGENTS_ALLOW_DOCKER=1 is set.
- Live SSH Forensics: For authorized SSH-based forensics prompts, the forensics agent can inspect loader/preload state and shared-library hook indicators. Preload bypass searches require an explicit env opt-in.
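The "Reduced Secret Exposure" item above, sketched as an added example (not code from the CTF_Agents repository): a child process gets an environment built from an allowlist, and a secret reaches it only through an explicit per-call opt-in. The names SAFE_ENV_KEYS, minimal_env, run_untrusted and child_sees are hypothetical, and the allowlist contents are an assumption.

```python
import os
import subprocess
import sys

# Assumed baseline: only what a challenge process needs to start at all.
SAFE_ENV_KEYS = ("PATH", "HOME", "LANG", "LC_ALL", "TMPDIR", "SYSTEMROOT")


def minimal_env(extra=None, parent=None):
    """Build a child environment from an allowlist instead of copying os.environ."""
    parent = os.environ if parent is None else parent
    env = {key: parent[key] for key in SAFE_ENV_KEYS if key in parent}
    env.update(extra or {})  # explicit per-tool opt-in, never implicit inheritance
    return env


def run_untrusted(argv, extra_env=None, timeout=10):
    """Run a challenge-facing command without inheriting host secrets."""
    return subprocess.run(
        argv,
        env=minimal_env(extra_env),
        capture_output=True,
        text=True,
        timeout=timeout,
        check=False,
    )


def child_sees(var_name, extra_env=None):
    """Return the value a child Python process reads for var_name, or None if unset."""
    code = "import os, sys; sys.stdout.write(os.environ.get(sys.argv[1], '<unset>'))"
    out = run_untrusted([sys.executable, "-c", code, var_name], extra_env).stdout
    return None if out == "<unset>" else out
```

Passing `env=` to `subprocess.run` replaces the inherited environment entirely, which is what keeps provider keys loaded from `.env` away from generated scripts and challenge binaries.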
- requirements.txt.
- NVAPI_KEY or NVAPI_KEYS for NVIDIA NIM.
- ANTHROPIC_API_KEY for Claude.
- OPENAI_API_KEY for OpenAI.
- GOOGLE_API_KEY or GEMINI_API_KEY for Gemini / Gemini Enterprise Agent Platform API-key testing.
- Python 3.10+
- .env file with at least one supported LLM key, such as NVAPI_KEY, NVAPI_KEYS, ANTHROPIC_API_KEY, OPENAI_API_KEY, or GOOGLE_API_KEY, or LLM_PROVIDER=ollama for a local Ollama model.
- Essential security tools: nmap, tshark, binwalk, john, hashcat.
git clone https://github.com/rmjohnson12/CTF_Agents.git
cd CTF_Agents
python3 -m venv .venv
source .venv/bin/activate
pip install -r requirements.txt
1. Check your setup:
python3 check_setup.py
2. Start the Interactive Solver:
python3 ask.py
3. Solve a Challenge: You can provide raw instructions or point to files:
> "Who needs AES when you have XOR? The files are in ~/Downloads/challenge.py and ~/Downloads/output.txt"
Outbound HTTP/browser access is restricted by security.allowed_networks in config/system_config.yaml. Remote hosts in pasted prompts or imported challenge JSON do not authorize themselves. For additional authorized networks, extend the policy explicitly for that run:
CTF_AGENTS_ALLOWED_NETWORKS=TARGET python3 ask.py "Solve this web challenge at http://TARGET:PORT"
For hosted CTF subdomains, use the hostname itself:
CTF_AGENTS_ALLOWED_NETWORKS=example.web.ctf.local python3 ask.py "Web challenge https://example.web.ctf.local"
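A default-deny target check of the kind described above, as an added example (not the project's own implementation). It assumes the policy is a comma-separated list of IPs, CIDR ranges and exact hostnames; the function names are hypothetical and the sample targets are constructed.

```python
import ipaddress
from urllib.parse import urlsplit


def parse_policy(raw):
    """Split the assumed comma-separated policy into IP networks and exact hostnames."""
    networks, hostnames = [], set()
    for entry in (item.strip().lower() for item in raw.split(",")):
        if not entry:
            continue
        try:
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            hostnames.add(entry.rstrip("."))
    return networks, hostnames


def extract_host(target):
    """Accept a URL, host:port, or bare host; return the lowercased host or None."""
    candidate = target if "://" in target else "//" + target
    try:
        host = urlsplit(candidate).hostname  # strips userinfo and port
    except ValueError:
        return None
    return host.rstrip(".").lower() if host else None


def is_allowed(target, policy):
    """Only operator-supplied policy can approve a target; the prompt text never does."""
    networks, hostnames = parse_policy(policy)
    host = extract_host(target)
    if host is None:
        return False
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return host in hostnames  # exact match only, no suffix or wildcard logic
    return any(addr in net for net in networks)
```

The decision is made on the parsed host rather than the raw string, so a hostname placed in the userinfo part of a URL or a longer subdomain of an approved name does not match.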
Sensitive browser session artifacts are not collected or persisted by default. For an authorized troubleshooting run where storing cookies or Web Storage is intentional, opt in explicitly:
CTF_AGENTS_CAPTURE_SENSITIVE_ARTIFACTS=1 python3 ask.py "Solve this web challenge at http://TARGET:PORT"
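Redaction before persistence with the capture opt-in shown above, as an added example (not the project's code). The key pattern, the field names in SESSION_ARTIFACTS and the function names are assumptions; only the environment variable name comes from this page.

```python
import json
import os
import re

# Assumed patterns; the project's real list of sensitive keys is not shown on this page.
SENSITIVE_KEY = re.compile(
    r"(api[_-]?key|secret|token|password|authorization|cookie)", re.I
)
SESSION_ARTIFACTS = ("cookies", "local_storage", "session_storage")  # hypothetical fields


def capture_enabled(env=None):
    """True only when the operator set the opt-in variable to exactly 1."""
    env = os.environ if env is None else env
    return env.get("CTF_AGENTS_CAPTURE_SENSITIVE_ARTIFACTS") == "1"


def redact(value, capture=False):
    """Return a copy that is safe to persist; the input object is left untouched."""
    if isinstance(value, dict):
        out = {}
        for key, item in value.items():
            if key in SESSION_ARTIFACTS:
                if capture:  # stored only on explicit opt-in
                    out[key] = item
                continue
            if SENSITIVE_KEY.search(str(key)):
                out[key] = "[REDACTED]"
            else:
                out[key] = redact(item, capture)
        return out
    if isinstance(value, list):
        return [redact(item, capture) for item in value]
    return value


def serialize_report(report, env=None):
    """Serialize a run report for storage, applying redaction first."""
    return json.dumps(redact(report, capture_enabled(env)), sort_keys=True)
```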
Source-only web challenges can point directly at a local app folder:
> "Analyze ~/Downloads/web_reactoops/challenge for vulnerable React/Next.js package versions. There is no spawned server."
Docker-based web challenges are disabled by default. To allow a local container launch, opt in for that command:
CTF_AGENTS_ALLOW_DOCKER=1 python3 ask.py "Solve this local Docker web challenge in ~/Downloads/web_reactoops"
The Docker agent builds the local Dockerfile, maps the exposed service to 127.0.0.1 on an ephemeral port, publishes that URL, and cleans up the container when the coordinator run finishes.
React2Shell/RSC payload execution is localhost-only by default. For an authorized spawned CTF target, explicitly opt in:
CTF_AGENTS_ALLOW_REMOTE_R2S=1 python3 ask.py "Solve ReactOOPS at http://TARGET:PORT"
HTB-style code-runner tasks can be given directly as a spawned target:
python3 ask.py "Solve Primed for Action at TARGET:PORT. The answer is the product of the two prime numbers."
Hardware logic challenge folders can point at local images and CSV files:
python3 ask.py "Solve this hardware chip challenge. The files are in ~/Downloads/hw_lowlogic"
Saleae captures can be passed directly for serial-debugging hardware tasks:
python3 ask.py "Decode this asynchronous serial debugging capture. Files are in ~/Downloads/debugging_interface_signal.sal"
Godot game-loader reversing challenges can include a target service and a local extracted challenge folder:
python3 ask.py "Investigate this compromised game and uncover the two-part flag. Target host TARGET:PORT. Files are in ~/Downloads/rev_gameloader"
Blockchain smart-contract challenges can point at a Solidity folder and a spawned target:
python3 ask.py "Solve this blockchain challenge at TARGET:PORT. Files are in ~/Survival"
Secure-coding challenges can point directly at a spawned editor/verification target:
python3 ask.py "Secure coding challenge, ip and port are TARGET:PORT"
Live SSH forensics prompts can include credentials and a target:
python3 ask.py "Investigate this SSH forensics target for loader anomalies. Creds: root:hackthebox IP and port are TARGET:PORT"
Unknown SSH host keys are rejected by default. For an authorized disposable lab target where first-seen host-key trust is acceptable, opt in explicitly:
CTF_AGENTS_ALLOW_UNKNOWN_SSH_HOST=1 python3 ask.py "Investigate this SSH forensics target. Creds: root:hackthebox IP and port are TARGET:PORT"
Read-only loader/rootkit triage runs by default. For authorized CTF/lab targets where temporarily disabling /etc/ld.so.preload is acceptable, opt in to the backup/restore preload-bypass search:
CTF_AGENTS_ALLOW_SSH_PRELOAD_BYPASS=1 python3 ask.py "Investigate this SSH forensics target for a userland rootkit. Creds: root:hackthebox IP and port are TARGET:PORT"
The main configuration files are:
- config/system_config.yaml for global runtime settings.
- config/agents_config.yaml for specialist behavior and priorities.
- config/tools_config.yaml for tool paths, timeouts, and enablement.
- .env.example for API keys, provider selection, and optional integrations.
Tool availability is detected at runtime where possible, so missing external tools should degrade specific capabilities rather than preventing all usage.
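A high-quality open-source AI workflow with natural-language support
AI Skill Hub is a third-party content aggregation platform. The information on this page is compiled from public data and is not a legal endorsement of any tool's functionality or quality.
We recommend validating thoroughly in a sandbox or test environment before deploying to production, and carrying out the necessary security assessment.
✅ MIT License: one of the most permissive open-source licenses; it allows free commercial use, modification, and distribution, and only requires keeping the copyright notice.
Overall, CTF Smart Tool is a good-quality agent workflow that is reasonably competitive among comparable tools. AI Skill Hub will keep tracking its updates; consider bookmarking it and adopting it when it suits your own use case.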
| Original name | CTF_Agents |
| Original description | Open-source AI workflow: Agentic CTF security tooling project with natural language support. ⭐3 · Python |
| Topics | AI, CTF, security tools, workflow |
| GitHub | https://github.com/rmjohnson12/CTF_Agents |
| License | MIT |
| Language | Python |
Listed: 2026-06-06 · Updated: 2026-06-08 · License: MIT · AI Skill Hub makes no legal endorsement of the accuracy of third-party content.