A CTF leaderboard for the submission of flags during a CTF challenge. Built using Django.

Related tags

Djangoctf-leaderboard
Overview

🚩 CTF Leaderboard

The goal of this project is to provide a simple web page to allow the participants of an CTF to enter their found flags. Also the live overview over all found flags gives a more competitive feeling to the game.

This app is written using Python 3 and the Django web framework.

Screenshot

Features

  • Participants can submit flags found during the CTF challenge
  • Live reload on the leaderboard overview
  • Simple administration through the Django admin UI (at /admin)
  • Custom landing page through the Content-model in the DB for instructions, links and screenshots

Getting started

Create and activate a virtual environment for the app:

$ python3 -m venv venv
$ source venv/bin/activate

Install all the necessary dependencies:

$ python3 -m pip install -r requirements.txt

Copy the .env.dist file to a .env file and make suitable adjustments (SECRET_KEY is important).

Create the database through migration and create a superuser for the admin UI (at /admin):

$ python3 manage.py migrate
$ python3 manage.py createsuperuser
$ python3 manage.py collectstatic

Run the server:

$ python3 manage.py runserver

Participant-Name-Format (name e.g. "Group B" in the screenshot): max. 20 chars
Name-Format (custom_name e.g. "Maurice, Gabriel" in the screenshot): max. 40 chars [a-zA-Z0-9_ ,]*
Flag-Format (secret): max. 200 chars [a-zA-Z0-9_]+

Feature ideas

This is a list of features some users requested but still need to be implemented. Feel free to implement one of them and submit a pull request. Thank you! Hint: we are roughly following the PEP 8 guideline using autopep8.

  • Crown the winner of the CTF who first found all the flags
  • Allow the creation of multiple pages (not only one homepage)
  • Enable multiple simultaneous CTFs through a list of available CTFs or unique URLs
Comments
  • Bump django from 4.0.7 to 4.0.8

    Bump django from 4.0.7 to 4.0.8

    Bumps django from 4.0.7 to 4.0.8.

    Commits
    • 7d5cb49 [4.0.x] Bumped version for 4.0.8 release.
    • 23f0093 [4.0.x] Fixed CVE-2022-41323 -- Prevented locales being interpreted as regula...
    • 4a30e0d [4.0.x] Set date and added stub notes for 4.0.8 and 3.2.16 releases.
    • 898f0aa [4.0.x] Added CVE-2022-36359 to security archive.
    • 60e6bae [4.0.x] Post-release version bump.
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.6 to 4.0.7

    Bump django from 4.0.6 to 4.0.7

    Bumps django from 4.0.6 to 4.0.7.

    Commits
    • e9e9729 [4.0.x] Bumped version for 4.0.7 release.
    • b7d9529 [4.0.x] Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.
    • 2eb7ded [4.0.x] Adjusted version 4.0.7 release notes.
    • baeffe8 [4.0.x] Ignored 080359c4c5242ef69ac8c58c92f240e71121ffd7 formatting changes i...
    • 080359c [4.0.x] Fixed warnings per flake8 5.0.0.
    • 1a9f079 [4.0.x] Fixed collation tests on MySQL 8.0.30+.
    • b8b449f [4.0.x] Adjusted release notes for 4.0.7 and 3.2.15.
    • 2c2b748 [4.0.x] Added release date and stub release notes for 4.0.7 and 3.2.15 releases.
    • f78b18f [4.0.x] Fixed #33820 -- Doc'd "true"/"false"/"null" caveat for JSONField key ...
    • 48501c8 [4.0.x] Fixed RelatedGeoModelTest.test08_defer_only() on MySQL 8+ with MyISAM...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.4 to 4.0.6

    Bump django from 4.0.4 to 4.0.6

    Bumps django from 4.0.4 to 4.0.6.

    Commits
    • caad462 [4.0.x] Bumped version for 4.0.6 release.
    • c732152 [4.0.x] Updated man page for Django 4.0.6.
    • 0dc9c01 [4.0.x] Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) ag...
    • a2b88d7 [4.0.x] Fixed typo in docs/topics/signals.txt.
    • 2b901c1 [4.0.x] Fixed GEOSTest.test_emptyCollections() on GEOS 3.8.0.
    • 4d20d2f [4.0.x] Fixed docs build with sphinxcontrib-spelling 7.5.0+.
    • 8a294ee [4.0.x] Added stub release notes and release date for 4.0.6 and 3.2.14.
    • 1c28443 [4.0.x] Fixed CoveringIndexTests.test_covering_partial_index() when DEFAULT_I...
    • 0f3b250 [4.0.x] Fixed #33789 -- Doc'd changes in quoting table/column names on Oracle...
    • 6661c48 [4.0.x] Updated OWASP Top 10 link in security topic.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.2 to 4.0.4

    Bump django from 4.0.2 to 4.0.4

    Bumps django from 4.0.2 to 4.0.4.

    Commits
    • 89807fb [4.0.x] Bumped version for 4.0.4 release.
    • 00b0fc5 [4.0.x] Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against...
    • 8008288 [4.0.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), a...
    • 78e553b [4.0.x] Fixed #33628 -- Ignored directories with empty names in autoreloader ...
    • 7700084 [4.0.x] Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28.
    • 5137416 [4.0.x] Fixed #32129 -- Adjusted the docs for session expiry helpers.
    • 7d540d6 [4.0.x] Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_rel...
    • f62816b [4.0.x] Updated Oracle docs links to Oracle 21c.
    • 0da9053 [4.0.x] Updated various links to HTTPS and new locations.
    • 7f69c0d [4.0.x] Corrected models.FileField signature in docs.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0 to 4.0.2

    Bump django from 4.0 to 4.0.2

    Bumps django from 4.0 to 4.0.2.

    Commits
    • b12be7a [4.0.x] Bumped version for 4.0.2 release.
    • f9c7d48 [4.0.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.
    • 0142204 [4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
    • 6928227 [4.0.x] Fixed #33480 -- Fixed makemigrations crash when renaming field of ren...
    • aff79be [4.0.x] Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on ...
    • 7a1c653 [4.0.x] Updated translations from Transifex.
    • 9a9c5b4 [4.0.x] Fixed #33459 -- Clarified index type in full text search docs.
    • 7c2d4d9 [4.0.x] Fixed #33462 -- Fixed migration crash when altering type of primary k...
    • f4de870 [4.0.x] Fixed #33048 -- Doc'd that DEBUG static files requests don't use midd...
    • f82ca84 [4.0.x] Fixed #33407 -- Fixed .radiolist admin CSS.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(v1.0.0)

  • v1.0.0(Dec 23, 2021)

    🚩 CTF Leaderboard

    The goal of this project is to provide a simple web page to allow the participants of an CTF to enter their found flags. Also the live overview over all found flags gives a more competitive feeling to the game.

    This app is written using Python 3 and the Django web framework.

    Features

    • Participants can submit flags found during the CTF challenge
    • Live reload on the leaderboard overview
    • Simple administration through the Django admin UI
    • Custom landing page through the Content-model in the DB for instructions, links and screenshots
    Source code(tar.gz)
    Source code(zip)
Owner
Maurice Bauer
Student of Applied Computer Science at the Corporate State University Baden Württemberg
Maurice Bauer
GitHub Repository
Strawberry-django-plus - Enhanced Strawberry GraphQL integration with Django

strawberry-django-plus Enhanced Strawberry integration with Django. Built on top

BLB Ventures 138 Dec 28, 2022
Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app.

django-permissions-policy Set the draft security HTTP header Permissions-Policy (previously Feature-Policy) on your Django app. Requirements Python 3.

Adam Johnson 78 Jan 02, 2023
Reusable workflow library for Django

django-viewflow Viewflow is a lightweight reusable workflow library that helps to organize people collaboration business logic in django applications.

Viewflow 2.3k Jan 08, 2023
A visual indicator of what environment/system you're using in django

A visual indicator of what environment/system you're using in django

Mark Walker 4 Nov 26, 2022
A reusable Django app that configures your project for deployment

django-simple-deploy This app gives you a management command that configures your project for an initial deployment. It targets Heroku at the moment,

Eric Matthes 205 Dec 26, 2022
Full featured redis cache backend for Django.

Redis cache backend for Django This is a Jazzband project. By contributing you agree to abide by the Contributor Code of Conduct and follow the guidel

Jazzband 2.5k Jan 03, 2023
Simple reproduction of connection leak with celery/django/gevent

Redis connection leak with celery/django/gevent Reproduces celery issue at https://github.com/celery/celery/issues/6819 using gevented django web serv

2 Apr 03, 2022
An orgizational tool to keep track of tasks/projects and the time spent on them.

Django-Task-Manager Task Tracker using Python Django About The Project This project is an orgizational tool to keep track of tasks/projects and the ti

Nick Newton 1 Dec 21, 2021
CRUD with MySQL, Django and Sass.

CRUD with MySQL, Django and Sass. To have the same data in db: insert into crud_employee (first_name, last_name, email, phone, location, university) v

Luis Quiñones Requelme 1 Nov 19, 2021
Basic implementation of Razorpay payment gateway 💳 with Django

Razorpay Payment Integration in Django 💥 In this project Razorpay payment gateway 💳 is integrated with Django by breaking down the whole process int

ScaleReal 12 Dec 12, 2022
Django + AWS Elastic Transcoder

Django Elastic Transcoder django-elastic-transcoder is an Django app, let you integrate AWS Elastic Transcoder in Django easily. What is provided in t

StreetVoice 66 Dec 14, 2022
A debug/profiling overlay for Django

Django Debug Toolbar The Django Debug Toolbar is a configurable set of panels that display various debug information about the current request/respons

David Cramer 228 Oct 17, 2022
Automatically upgrade your Django projects.

django-upgrade Automatically upgrade your Django projects. Installation Use pip: python -m pip install django-upgrade Python 3.8 to 3.10 supported. Or

Adam Johnson 525 Dec 29, 2022
Analytics services for Django projects

django-analytical The django-analytical application integrates analytics services into a Django project. Using an analytics service with a Django proj

Jazzband 1.1k Dec 31, 2022
DCM is a set of tools that helps you to keep your data in your Django Models consistent.

Django Consistency Model DCM is a set of tools that helps you to keep your data in your Django Models consistent. Motivation You have a lot of legacy

Occipital 59 Dec 21, 2022
Sistema de tratamento e análise de grandes volumes de dados através de técnicas de Data Science

Sistema de tratamento e análise de grandes volumes de dados através de técnicas de data science Todos os scripts, gráficos e relatórios de todas as at

Arthur Quintanilha Neto 1 Sep 05, 2022
Exploit Discord's cache system to remote upload payloads on Discord users machines

Exploit Discord's cache system to hide payloads PoC Remote upload embedded payload from image using EOF to Discord users machines through cache. Depen

cs 169 Dec 20, 2022
REST API with Django and SQLite3

REST API with Django and SQLite3

Luis Quiñones Requelme 1 Nov 07, 2021
A Minimalistic Modern Django Boilerplate

A Minimalistic Modern Django Boilerplate This boilerplate is mainly for educational purposes. It is meant to be cloned as a starter code for future tu

Jonathan Adly 21 Nov 02, 2022
A standalone package to scrape financial data from listed Vietnamese companies via Vietstock

Scrape Financial Data of Vietnamese Listed Companies - Version 2 A standalone package to scrape financial data from listed Vietnamese companies via Vi

Viet Anh (Vincent) Tran 45 Nov 16, 2022