The New Security Project named Hacking-The Pentest Tutor Game was published in OWASP(Open Web Application Security Project) by OIT(Olivet Institute of Technology ) student Yuecheng Hou.
Hou is currently working on his capstone project as part of the requirements of the OIT Master program and he presented his findings with research papers under the supervision of his OIT college faculty members.
The project was written in LUA language and supported by the Love2D game engine. It was designed for developers and system administrators in order to bring awareness of internet security risks that may occur from their websites.
"The game engine could help researchers test and evaluate online automated hackers and algorithms," said Hou. "It also helps eliminate the risk of being involved in any future legal issues."
Description of Hou’s project includes, stimulating the environments and the processes of hacking/pentest. The purpose of this game is to:
- Educate people, developers, ops, and system admins about hacking/pentest;
- Provide pentesters a simulation environment to practice pentest;
- Security experts & professors to develop, test, and evaluate pentest automation/semi-automation tools. In this game, player can learn and explore the basis of pentest including some essential concepts & tools:
- Concepts: reconnaissance, scanning, exploitation, maintaining access, (social engineering - TO-DO)
- Tools: host, ping, telnet, Nmap, OpenVAS, Metasploit, Meterpreter
Description of Hou’s project includes, stimulating the environments and the processes of hacking/pentest. The purpose of this game is to:
Player will also be able to leverage one or more planners to automation robots, which can aid the players in the game process.
For more information about the game engine please visit
https://www.owasp.org/index.php/OWASP_Hacking-the_Pentest_Tutor_Game