|
|
|
|
@ -6,6 +6,32 @@ to be robust, so it uses some uncommon technics like client certificate for
|
|
|
|
|
authentication, lots of state of the art cryptographic methods and aims to be
|
|
|
|
|
deployed in a DMZ network architecture.
|
|
|
|
|
|
|
|
|
|
## Features
|
|
|
|
|
|
|
|
|
|
- **Collaborative Challenge Design and Review:** Facilitates large team collaboration for challenge creation and review.
|
|
|
|
|
- **Versatile Flag Formats:** Supports flags as strings, numbers, multiple-choice questions, unique-choice questions, selects, multiline inputs, and strings with capture regexp.
|
|
|
|
|
- **Engaging Challenge Interface:** A visually appealing interface that incorporates images to illustrate exercises.
|
|
|
|
|
- **Public Dashboard:** Allow spectators to follow the competition alongside players.
|
|
|
|
|
- **Archival Mode:** Preserve past challenges and data in a static form, with no code. Your archive can lied on a S3 bucket.
|
|
|
|
|
- **Export Capabilities:** Export challenges to other CTF platforms.
|
|
|
|
|
- **Security-Focused:** Designed with security as a top priority. Each service aims to be isolated with right restrictions. Answers are not stored in the database, ...
|
|
|
|
|
- **Choose your Authentication:** Authentication is not part of this project, integrate your own authentication methods.
|
|
|
|
|
- **Extensible:** Easily extend and customize the platform. The main codebase in Golang is highly documented, each frontend part can be recreated in another language with ease.
|
|
|
|
|
- **Comprehensive Settings:** A wide range of settings for challenge customization. You can have first blood or not, dynamic exercice gain, evenemential bonus, ...
|
|
|
|
|
- **Git Integration:** Seamless verification and integration with Git.
|
|
|
|
|
- **Infrastructure as Code (IaC):** Ensure read-only and reproducible infrastructure.
|
|
|
|
|
- **Last-Minute Checks:** Ensure your challenge is ready with a comprehensive set of checks that can be performed anytime, verifying that downloadable files are as expected by the challenge creators.
|
|
|
|
|
- **Lightweight:** Optimized for minimal resource consumption, supporting features like serving gzipped files directly to browsers without CPU usage.
|
|
|
|
|
- **Scalable:** Designed to handle large-scale competitions with multiple receivers and frontend servers, smoothly queuing activity peaks on the backend.
|
|
|
|
|
- **Offline Capability:** Run your challenges offline.
|
|
|
|
|
- **Integrated Exercise Issue Ticketing System:** Manage and track issues related to exercises during the competition directly with teams. During designing phase, this transform in a complete dedicated QA platform.
|
|
|
|
|
- **Detailed Statistics:** Provide administrators with insights into exercise preferences and complexity.
|
|
|
|
|
- **Change Planning:** Schedule events in advance, such as new exercise availability or ephemeral bonuses, with second-by-second precision.
|
|
|
|
|
- **Frontend Time Synchronization:** Ensure accurate remaining time and event synchronization between servers and players.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
## Overview
|
|
|
|
|
|
|
|
|
|
This is a [monorepo](https://danluu.com/monorepo/), containing several
|
|
|
|
|
micro-services :
|
|
|
|
|
|
|
|
|
|
|
