A CTF leaderboard for the submission of flags during a CTF challenge. Built using Django.

Related tags

Djangoctf-leaderboard
Overview

🚩 CTF Leaderboard

The goal of this project is to provide a simple web page to allow the participants of an CTF to enter their found flags. Also the live overview over all found flags gives a more competitive feeling to the game.

This app is written using Python 3 and the Django web framework.

Screenshot

Features

  • Participants can submit flags found during the CTF challenge
  • Live reload on the leaderboard overview
  • Simple administration through the Django admin UI (at /admin)
  • Custom landing page through the Content-model in the DB for instructions, links and screenshots

Getting started

Create and activate a virtual environment for the app:

$ python3 -m venv venv
$ source venv/bin/activate

Install all the necessary dependencies:

$ python3 -m pip install -r requirements.txt

Copy the .env.dist file to a .env file and make suitable adjustments (SECRET_KEY is important).

Create the database through migration and create a superuser for the admin UI (at /admin):

$ python3 manage.py migrate
$ python3 manage.py createsuperuser
$ python3 manage.py collectstatic

Run the server:

$ python3 manage.py runserver

Participant-Name-Format (name e.g. "Group B" in the screenshot): max. 20 chars
Name-Format (custom_name e.g. "Maurice, Gabriel" in the screenshot): max. 40 chars [a-zA-Z0-9_ ,]*
Flag-Format (secret): max. 200 chars [a-zA-Z0-9_]+

Feature ideas

This is a list of features some users requested but still need to be implemented. Feel free to implement one of them and submit a pull request. Thank you! Hint: we are roughly following the PEP 8 guideline using autopep8.

  • Crown the winner of the CTF who first found all the flags
  • Allow the creation of multiple pages (not only one homepage)
  • Enable multiple simultaneous CTFs through a list of available CTFs or unique URLs
Comments
  • Bump django from 4.0.7 to 4.0.8

    Bump django from 4.0.7 to 4.0.8

    Bumps django from 4.0.7 to 4.0.8.

    Commits
    • 7d5cb49 [4.0.x] Bumped version for 4.0.8 release.
    • 23f0093 [4.0.x] Fixed CVE-2022-41323 -- Prevented locales being interpreted as regula...
    • 4a30e0d [4.0.x] Set date and added stub notes for 4.0.8 and 3.2.16 releases.
    • 898f0aa [4.0.x] Added CVE-2022-36359 to security archive.
    • 60e6bae [4.0.x] Post-release version bump.
    • See full diff in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.6 to 4.0.7

    Bump django from 4.0.6 to 4.0.7

    Bumps django from 4.0.6 to 4.0.7.

    Commits
    • e9e9729 [4.0.x] Bumped version for 4.0.7 release.
    • b7d9529 [4.0.x] Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.
    • 2eb7ded [4.0.x] Adjusted version 4.0.7 release notes.
    • baeffe8 [4.0.x] Ignored 080359c4c5242ef69ac8c58c92f240e71121ffd7 formatting changes i...
    • 080359c [4.0.x] Fixed warnings per flake8 5.0.0.
    • 1a9f079 [4.0.x] Fixed collation tests on MySQL 8.0.30+.
    • b8b449f [4.0.x] Adjusted release notes for 4.0.7 and 3.2.15.
    • 2c2b748 [4.0.x] Added release date and stub release notes for 4.0.7 and 3.2.15 releases.
    • f78b18f [4.0.x] Fixed #33820 -- Doc'd "true"/"false"/"null" caveat for JSONField key ...
    • 48501c8 [4.0.x] Fixed RelatedGeoModelTest.test08_defer_only() on MySQL 8+ with MyISAM...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.4 to 4.0.6

    Bump django from 4.0.4 to 4.0.6

    Bumps django from 4.0.4 to 4.0.6.

    Commits
    • caad462 [4.0.x] Bumped version for 4.0.6 release.
    • c732152 [4.0.x] Updated man page for Django 4.0.6.
    • 0dc9c01 [4.0.x] Fixed CVE-2022-34265 -- Protected Trunc(kind)/Extract(lookup_name) ag...
    • a2b88d7 [4.0.x] Fixed typo in docs/topics/signals.txt.
    • 2b901c1 [4.0.x] Fixed GEOSTest.test_emptyCollections() on GEOS 3.8.0.
    • 4d20d2f [4.0.x] Fixed docs build with sphinxcontrib-spelling 7.5.0+.
    • 8a294ee [4.0.x] Added stub release notes and release date for 4.0.6 and 3.2.14.
    • 1c28443 [4.0.x] Fixed CoveringIndexTests.test_covering_partial_index() when DEFAULT_I...
    • 0f3b250 [4.0.x] Fixed #33789 -- Doc'd changes in quoting table/column names on Oracle...
    • 6661c48 [4.0.x] Updated OWASP Top 10 link in security topic.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0.2 to 4.0.4

    Bump django from 4.0.2 to 4.0.4

    Bumps django from 4.0.2 to 4.0.4.

    Commits
    • 89807fb [4.0.x] Bumped version for 4.0.4 release.
    • 00b0fc5 [4.0.x] Fixed CVE-2022-28347 -- Protected QuerySet.explain(**options) against...
    • 8008288 [4.0.x] Fixed CVE-2022-28346 -- Protected QuerySet.annotate(), aggregate(), a...
    • 78e553b [4.0.x] Fixed #33628 -- Ignored directories with empty names in autoreloader ...
    • 7700084 [4.0.x] Added stub release notes and release date for 4.0.4, 3.2.13, and 2.2.28.
    • 5137416 [4.0.x] Fixed #32129 -- Adjusted the docs for session expiry helpers.
    • 7d540d6 [4.0.x] Fixed #33598 -- Reverted "Removed unnecessary reuse_with_filtered_rel...
    • f62816b [4.0.x] Updated Oracle docs links to Oracle 21c.
    • 0da9053 [4.0.x] Updated various links to HTTPS and new locations.
    • 7f69c0d [4.0.x] Corrected models.FileField signature in docs.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
  • Bump django from 4.0 to 4.0.2

    Bump django from 4.0 to 4.0.2

    Bumps django from 4.0 to 4.0.2.

    Commits
    • b12be7a [4.0.x] Bumped version for 4.0.2 release.
    • f9c7d48 [4.0.x] Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.
    • 0142204 [4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
    • 6928227 [4.0.x] Fixed #33480 -- Fixed makemigrations crash when renaming field of ren...
    • aff79be [4.0.x] Fixed #33468 -- Fixed QuerySet.aggregate() after annotate() crash on ...
    • 7a1c653 [4.0.x] Updated translations from Transifex.
    • 9a9c5b4 [4.0.x] Fixed #33459 -- Clarified index type in full text search docs.
    • 7c2d4d9 [4.0.x] Fixed #33462 -- Fixed migration crash when altering type of primary k...
    • f4de870 [4.0.x] Fixed #33048 -- Doc'd that DEBUG static files requests don't use midd...
    • f82ca84 [4.0.x] Fixed #33407 -- Fixed .radiolist admin CSS.
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

    You can disable automated security fix PRs for this repo from the Security Alerts page.

    dependencies 
    opened by dependabot[bot] 0
Releases(v1.0.0)

  • v1.0.0(Dec 23, 2021)

    🚩 CTF Leaderboard

    The goal of this project is to provide a simple web page to allow the participants of an CTF to enter their found flags. Also the live overview over all found flags gives a more competitive feeling to the game.

    This app is written using Python 3 and the Django web framework.

    Features

    • Participants can submit flags found during the CTF challenge
    • Live reload on the leaderboard overview
    • Simple administration through the Django admin UI
    • Custom landing page through the Content-model in the DB for instructions, links and screenshots
    Source code(tar.gz)
    Source code(zip)
Owner
Maurice Bauer
Student of Applied Computer Science at the Corporate State University Baden Württemberg
Maurice Bauer
GitHub Repository
Location field and widget for Django. It supports Google Maps, OpenStreetMap and Mapbox

django-location-field Let users pick locations using a map widget and store its latitude and longitude. Stable version: django-location-field==2.1.0 D

Caio Ariede 481 Dec 29, 2022
A simple plugin to attach a debugger in Django on runserver command.

django-debugger A simple plugin to attach a debugger in Django during runserver Installation pip install django-debugger Usage Prepend django_debugger

Sajal Shrestha 11 Nov 15, 2021
Neighbourhood - A python-django web app to help the residence of a given neighborhood know their surrounding better

Neighbourhood A python-django web app to help the residence of a given neighborh

Levy Omolo 4 Aug 25, 2022
this is a simple backend for instagram with python and django

simple_instagram_backend this is a simple backend for instagram with python and django it has simple realations and api in 4 diffrent apps: 1-users: a

2 Oct 20, 2021
Resolve form field arguments dynamically when a form is instantiated

django-forms-dynamic Resolve form field arguments dynamically when a form is instantiated, not when it's declared. Tested against Django 2.2, 3.2 and

DabApps 108 Jan 03, 2023
A simple REST API to manage postal addresses, written in Python/Django.

A simple REST API to manage postal addresses, written in Python/Django.

Attila Bagossy 2 Feb 14, 2022
A prettier way to see Django requests while developing

A prettier way to see Django requests while developing

Adam Hill 35 Dec 02, 2022
A clone of https://virgool.io written in django

Virgool clone A clone of virgool blog written in django Installation first rename the .env.sample to .env and fill it. with docker docker-compose up -

Danial Selmipoor 7 Dec 23, 2022
Ugly single sign-on for django projects only

django-usso Ugly single sign-on for django projects only. Do you have many django apps with different users? Do you want to use only one of those apps

Erwin Feser 1 Mar 01, 2022
based official code from django channels, replace frontend with reactjs

django_channels_chat_official_tutorial demo project for django channels tutorial code from tutorial page: https://channels.readthedocs.io/en/stable/tu

lightsong 1 Oct 22, 2021
Indonesia's negative news detection using gaussian naive bayes with Django+Scikir Learn

Introduction Indonesia's negative news detection using gaussian naive bayes build with Django and Scikit Learn. There is also any features, are: Input

Harifzi Ham 1 Dec 30, 2021
PEP-484 type hints bindings for the Django web framework

mypy-django Type stubs to use the mypy static type-checker with your Django projects This project includes the PEP-484 compatible "type stubs" for Dja

Machinalis 223 Jun 17, 2022
The new Python SDK for Sentry.io

Bad software is everywhere, and we're tired of it. Sentry is on a mission to help developers write better software faster, so we can get back to enjoy

Sentry 1.4k Jan 05, 2023
A Powerful HTML white space remover for Django

HTML Whitespace remover for Django Introduction : A powerful tool to optimize Django rendered templates Why use "django_stip_whitespace" ? Adds line b

3 Jan 01, 2022
An URL Shortener with Basic Features.

Simple Url Shortener What is that? Yet another url shortener built with Django framework. Preview HOW TO RUN? 1. Virtual Environment First create a vi

Ethem Turgut 6 Jan 25, 2022
No effort, no worry, maximum performance.

Django Cachalot Caches your Django ORM queries and automatically invalidates them. Documentation: http://django-cachalot.readthedocs.io Table of Conte

NoriPyt 980 Jan 06, 2023
Django application and library for importing and exporting data with admin integration.

django-import-export django-import-export is a Django application and library for importing and exporting data with included admin integration. Featur

2.6k Dec 26, 2022
A Django app for managing robots.txt files following the robots exclusion protocol

Django Robots This is a basic Django application to manage robots.txt files following the robots exclusion protocol, complementing the Django Sitemap

Jazzband 406 Dec 26, 2022
💨 Fast, Async-ready, Openapi, type hints based framework for building APIs

Fast to learn, fast to code, fast to run Django Ninja - Fast Django REST Framework Django Ninja is a web framework for building APIs with Django and P

Vitaliy Kucheryaviy 3.8k Jan 01, 2023
Easy thumbnails for Django

Easy Thumbnails A powerful, yet easy to implement thumbnailing application for Django 1.11+ Below is a quick summary of usage. For more comprehensive

Chris Beaven 1.3k Dec 30, 2022