BanditGUI is a web application that provides a graphical user interface for the OverTheWire Bandit wargame. It simplifies the learning process by offering an integrated terminal, level-specific instructions and hints, an AI-powered chat assistant, and progress tracking.
- Integrated Web Terminal: Interact with the Bandit levels directly within your browser.
- Level Instructions and Hints: Get clear guidance for each level, including objectives, descriptions, and hints.
- AI-Powered Chat Assistant: Ask questions, get command explanations, and receive contextual help without revealing the answers.
- Progress Tracking: Monitor your progress through the Bandit levels.
- Password Management: Securely store and retrieve discovered passwords.
- Python 3.8 or higher
- Git
-
Clone the repository:
git clone https://github.com/TheRealFredP3D/BanditGUI.git cd BanditGUI -
Install dependencies:
pip install -r requirements.txt
-
Set up environment variables: Create a
.envfile in the project root and add your API key for the chat assistant (if using an external API):GITHUB_API_KEY=your_api_key_hereAlternatively, you can use a
.env.examplefile as a template:cp .env.example .env
Then, edit the
.envfile to include your actual API key. -
Run the application:
python app.py
-
Open in your browser: Navigate to
http://127.0.0.1:5000/
- Select a Bandit level from the level selection menu.
- Use the integrated terminal to execute commands and solve the challenges.
- Interact with the chat assistant for hints and guidance.
- Track your progress as you complete the levels.
This project is actively under development. Here's a roadmap of potential improvements and new features:
- Complete Level Data: Add complete information for all 34 Bandit levels to
bandit_levels.json. - Enhanced Chat Assistant:
- Integrate a more powerful NLP model (e.g., OpenAI's GPT) for more intelligent and contextual responses.
- Fine-tune the model on Bandit-specific data for better performance.
- Add support for more complex queries and interactions.
- Improved Error Handling: Provide more specific and user-friendly error messages.
- Dynamic Level Loading: Load level data dynamically from the JSON file for easier updates and management.
- User Authentication: Implement user authentication to store individual progress and preferences.
- Frontend Enhancements:
- Improve the web interface with better styling and more interactive elements.
- Visualize user progress through the levels.
- Integrated Command History: Store and display the user's command history within the web terminal.
- Challenge Completion Verification: Automatically verify if a user has completed a level based on specific criteria.
- Dockerization: Create a Dockerfile for easier deployment and portability.
- Vulnerability Explanations: Provide explanations of the vulnerabilities exploited in each level.
- Multiple Language Support: Add support for different languages for instructions and hints.
Contributions are welcome! Please feel free to open issues and submit pull requests.
This project is licensed under the MIT License. See the LICENSE file for details.