A CTF leaderboard for the submission of flags during a CTF challenge. Built using Django.

Related tags

Djangoctf-leaderboard
Overview

🚩 CTF Leaderboard

The goal of this project is to provide a simple web page to allow the participants of an CTF to enter their found flags. Also the live overview over all found flags gives a more competitive feeling to the game.

This app is written using Python 3 and the Django web framework.

Screenshot

Features

  • Participants can submit flags found during the CTF challenge
  • Live reload on the leaderboard overview
  • Simple administration through the Django admin UI (at /admin)
  • Custom landing page through the Content-model in the DB for instructions, links and screenshots

Getting started

Create and activate a virtual environment for the app:

$ python3 -m venv venv
$ source venv/bin/activate

Install all the necessary dependencies:

$ python3 -m pip install -r requirements.txt

Copy the .env.dist file to a .env file and make suitable adjustments (SECRET_KEY is important).

Create the database through migration and create a superuser for the admin UI (at /admin):

$ python3 manage.py migrate
$ python3 manage.py createsuperuser
$ python3 manage.py collectstatic

Run the server:

$ python3 manage.py runserver

Participant-Name-Format (name e.g. "Group B" in the screenshot): max. 20 chars
Name-Format (custom_name e.g. "Maurice, Gabriel" in the screenshot): max. 40 chars [a-zA-Z0-9_ ,]*
Flag-Format (secret): max. 200 chars [a-zA-Z0-9_]+

Feature ideas

This is a list of features some users requested but still need to be implemented. Feel free to implement one of them and submit a pull request. Thank you! Hint: we are roughly following the PEP 8 guideline using autopep8.

  • Crown the winner of the CTF who first found all the flags
  • Allow the creation of multiple pages (not only one homepage)
  • Enable multiple simultaneous CTFs through a list of available CTFs or unique URLs
Comments
  • Bump django from 4.0.7 to 4.0.8

    Bump django from 4.0.7 to 4.0.8

    Bumps django from 4.0.7 to 4.0.8.

    Commits
    • 7d5cb49 [4.0.x] Bumped version for 4.0.8 release.
    • 23f0093 [4.0.x] Fixed CVE-2022-41323 -- Prevented locales being interpreted as regula...
    • 4a30e0d [4.0.x] Set date and added stub notes for 4.0.8 and 3.2.16 releases.
    • 898f0aa [4.0.x] Added CVE-2022-36359 to security archive.
    • 60e6bae [4.0.x] Post-release version bump.
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.6 to 4.0.7

    Bump django from 4.0.6 to 4.0.7

    Bumps django from 4.0.6 to 4.0.7.

    Commits
    • e9e9729 [4.0.x] Bumped version for 4.0.7 release.
    • b7d9529 [4.0.x] Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.
    • 2eb7ded [4.0.x] Adjusted version 4.0.7 release notes.
    • baeffe8 [4.0.x] Ignored 080359c4c5242ef69ac8c58c92f240e71121ffd7 formatting changes i...
    • 080359c [4.0.x] Fixed warnings per flake8 5.0.0.
    • 1a9f079 [4.0.x] Fixed collation tests on MySQL 8.0.30+.
    • b8b449f [4.0.x] Adjusted release notes for 4.0.7 and 3.2.15.
    • 2c2b748 [4.0.x] Added release date and stub release notes for 4.0.7 and 3.2.15 releases.
    • f78b18f [4.0.x] Fixed #33820 -- Doc'd "true"/"false"/"null" caveat for JSONField key ...
    • 48501c8 [4.0.x] Fixed RelatedGeoModelTest.test08_defer_only() on MySQL 8+ with MyISAM...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.4 to 4.0.6

    Bump django from 4.0.4 to 4.0.6

    Bumps django from 4.0.4 to 4.0.6.

    Commits
    • caad462 [4.0.x] Bumped version for 4.0.6 release.
    • c732152 [4.0.x] Updated man page for Django 4.0.6.
    • 0dc9c01 [4.0.x] Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) ag...
    • a2b88d7 [4.0.x] Fixed typo in docs/topics/signals.txt.
    • 2b901c1 [4.0.x] Fixed GEOSTest.test_emptyCollections() on GEOS 3.8.0.
    • 4d20d2f [4.0.x] Fixed docs build with sphinxcontrib-spelling 7.5.0+.
    • 8a294ee [4.0.x] Added stub release notes and release date for 4.0.6 and 3.2.14.
    • 1c28443 [4.0.x] Fixed CoveringIndexTests.test_covering_partial_index() when DEFAULT_I...
    • 0f3b250 [4.0.x] Fixed #33789 -- Doc'd changes in quoting table/column names on Oracle...
    • 6661c48 [4.0.x] Updated OWASP Top 10 link in security topic.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.2 to 4.0.4

    Bump django from 4.0.2 to 4.0.4

    Bumps django from 4.0.2 to 4.0.4.

    Commits
    • 89807fb [4.0.x] Bumped version for 4.0.4 release.
    • 00b0fc5 [4.0.x] Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against...
    • 8008288 [4.0.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), a...
    • 78e553b [4.0.x] Fixed #33628 -- Ignored directories with empty names in autoreloader ...
    • 7700084 [4.0.x] Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28.
    • 5137416 [4.0.x] Fixed #32129 -- Adjusted the docs for session expiry helpers.
    • 7d540d6 [4.0.x] Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_rel...
    • f62816b [4.0.x] Updated Oracle docs links to Oracle 21c.
    • 0da9053 [4.0.x] Updated various links to HTTPS and new locations.
    • 7f69c0d [4.0.x] Corrected models.FileField signature in docs.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0 to 4.0.2

    Bump django from 4.0 to 4.0.2

    Bumps django from 4.0 to 4.0.2.

    Commits
    • b12be7a [4.0.x] Bumped version for 4.0.2 release.
    • f9c7d48 [4.0.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.
    • 0142204 [4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
    • 6928227 [4.0.x] Fixed #33480 -- Fixed makemigrations crash when renaming field of ren...
    • aff79be [4.0.x] Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on ...
    • 7a1c653 [4.0.x] Updated translations from Transifex.
    • 9a9c5b4 [4.0.x] Fixed #33459 -- Clarified index type in full text search docs.
    • 7c2d4d9 [4.0.x] Fixed #33462 -- Fixed migration crash when altering type of primary k...
    • f4de870 [4.0.x] Fixed #33048 -- Doc'd that DEBUG static files requests don't use midd...
    • f82ca84 [4.0.x] Fixed #33407 -- Fixed .radiolist admin CSS.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(v1.0.0)

  • v1.0.0(Dec 23, 2021)

    🚩 CTF Leaderboard

    The goal of this project is to provide a simple web page to allow the participants of an CTF to enter their found flags. Also the live overview over all found flags gives a more competitive feeling to the game.

    This app is written using Python 3 and the Django web framework.

    Features

    • Participants can submit flags found during the CTF challenge
    • Live reload on the leaderboard overview
    • Simple administration through the Django admin UI
    • Custom landing page through the Content-model in the DB for instructions, links and screenshots
    Source code(tar.gz)
    Source code(zip)
Owner
Maurice Bauer
Student of Applied Computer Science at the Corporate State University Baden Württemberg
Maurice Bauer
GitHub Repository
Extensions for using Rich with Django.

django-rich Extensions for using Rich with Django. Requirements Python 3.6 to 3.10 supported. Django 2.2 to 4.0 supported. Are your tests slow? Check

Adam Johnson 88 Dec 26, 2022
✋ Auto logout a user after specific time in Django

django-auto-logout Auto logout a user after specific time in Django. Works with Python 🐍 ≥ 3.7, Django 🌐 ≥ 3.0. ✔️ Installation pip install django-a

Georgy Bazhukov 21 Dec 26, 2022
Django Email Sender

Email-Sender Django Email Sender Installation 1.clone Repository & Install Packages git clone https://github.com/telman03/Email-Sender.git pip install

Telman Gadimov 0 Dec 26, 2021
A Django app that creates automatic web UIs for Python scripts.

Wooey is a simple web interface to run command line Python scripts. Think of it as an easy way to get your scripts up on the web for routine data anal

Wooey 1.9k Jan 08, 2023
System checks for your project's environment.

django-version-checks System checks for your project's environment. Requirements Python 3.6 to 3.9 supported. Django 2.2 to 3.2 supported. Are your te

Adam Johnson 33 Dec 22, 2022
Template de desarrollo Django

Template de desarrollo Django Python Django Docker Postgres Nginx CI/CD Descripción del proyecto : Proyecto template de directrices para la estandariz

Diego Esteban 1 Feb 25, 2022
Dashboad Full Stack utilizando o Django.

Dashboard FullStack completa Projeto finalizado | Informações Cadastro de cliente Menu interatico mostrando quantidade de pessoas bloqueadas, liberada

Lucas Silva 1 Dec 15, 2021
A Powerful HTML white space remover for Django

HTML Whitespace remover for Django Introduction : A powerful tool to optimize Django rendered templates Why use "django_stip_whitespace" ? Adds line b

3 Jan 01, 2022
Zendesk Assignment - Django Based Ticket Viewer

Zendesk-Coding-Challenge Django Based Ticket Viewer The assignment has been made using Django. Important methods have been scripted in views.py. Excep

Akash Sampurnanand Pandey 0 Dec 23, 2021
REST API with Django and SQLite3

REST API with Django and SQLite3

Luis Quiñones Requelme 1 Nov 07, 2021
based official code from django channels, replace frontend with reactjs

django_channels_chat_official_tutorial demo project for django channels tutorial code from tutorial page: https://channels.readthedocs.io/en/stable/tu

lightsong 1 Oct 22, 2021
A modern looking portfolio build with Django.

Django Portfolio A portfolio template using html/css/js in the frontend and Django as the backend framework. Cool features: smooth scrolling responsiv

1 Jan 19, 2022
Silk is a live profiling and inspection tool for the Django framework.

Silk is a live profiling and inspection tool for the Django framework. Silk intercepts and stores HTTP requests and database queries before presenting them in a user interface for further inspection:

Jazzband 3.7k Jan 02, 2023
Use Database URLs in your Django Application.

DJ-Database-URL This simple Django utility allows you to utilize the 12factor inspired DATABASE_URL environment variable to configure your Django appl

Jacob Kaplan-Moss 1.3k Dec 30, 2022
A feature flipper for Django

README Django Waffle is (yet another) feature flipper for Django. You can define the conditions for which a flag should be active, and use it in a num

950 Dec 26, 2022
Store events and publish to Kafka

Create an event from Django ORM object model, store the event into the database and also publish it into Kafka cluster.

Diag 6 Nov 30, 2022
The uncompromising Python code formatter

The Uncompromising Code Formatter “Any color you like.” Black is the uncompromising Python code formatter. By using it, you agree to cede control over

Python Software Foundation 30.7k Jan 03, 2023
This website serves as an online database (hosted via SQLLite) for fictional businesses in the area to store contact information (name, email, phone number, etc.) for fictional customers.

Django-Online-Business-Database-Project this project is still in progress Overview of Website This website serves as an online database (hosted via SQ

1 Oct 30, 2021
Learn Python and the Django Framework by building a e-commerce website

The Django-Ecommerce is an open-source project initiative and tutorial series built with Python and the Django Framework.

Very Academy 275 Jan 08, 2023
A reusable Django model field for storing ad-hoc JSON data

jsonfield jsonfield is a reusable model field that allows you to store validated JSON, automatically handling serialization to and from the database.

Ryan P Kilby 1.1k Jan 03, 2023