Skip to content
CTFs as you need them
Python HTML JavaScript CSS Shell Dockerfile
Branch: master
Clone or download
dwillie and ColdHeat Strip password before length check (#1155)
* Strip password before length check
* Pin black to an older version
Latest commit 97f5dca Nov 5, 2019
Type Name Latest commit message Commit time
Failed to load latest commit information.
.github Issue template (#455) Nov 14, 2017
CTFd Strip password before length check (#1155) Nov 6, 2019
docs Mark 2.1.5 (#1126) Oct 2, 2019
migrations Only add team_captain_id foreign key if the db backend isn't SQLite (#… Jul 3, 2019
scripts Fix several issues in Vagrant provisioning (#1046) Sep 8, 2019
tests Prevent users from nulling out profile values (#1125) Oct 2, 2019
.codecov.yml Fix admin cannot modify verified status in Edit User (#777) Dec 4, 2018
.dockerignore Adding .dockerignore and making docker-entrypoint consider DATABASE_U… Jul 13, 2017
.flaskenv 1.2.0 (#627) May 3, 2018
.gitignore Format all the things (#991) May 12, 2019
.prettierignore Format all the things (#991) May 12, 2019
.travis.yml Strip password before length check (#1155) Nov 6, 2019 Mark 2.1.5 (#1126) Oct 2, 2019 Documentation improvements (#963) Apr 21, 2019
Dockerfile Revert "Switch Dockerfile from python:2.7-alpine to python:3.7-alpine ( Jul 11, 2019
LICENSE Update LICENSE Jul 29, 2018
Makefile Format all the things (#991) May 12, 2019 Reduce default gunicorn worker count to reduce memory usage (#968) Apr 25, 2019
Vagrantfile Fix several issues in Vagrant provisioning (#1046) Sep 8, 2019
development.txt Improve caching (#1014) Jun 15, 2019
docker-compose.yml Make ctfd user usable for mysql connection (#1028) Jun 21, 2019 Use /dev/shm for worker-tmp-dir in gunicorn in Docker (#1003) May 25, 2019 2.0.0 (#741) Nov 20, 2018 2.0.0 (#741) Nov 20, 2018 2.0.0 (#741) Nov 20, 2018
package.json Format all the things (#991) May 12, 2019 Add argparse to and fix some lints (#1064) Jul 21, 2019 Fix several issues in Vagrant provisioning (#1046) Sep 8, 2019
requirements.txt The place indicator on the team page now excludes counting hidden tea… Aug 30, 2019 Improve caching (#1014) Jun 15, 2019
setup.cfg Starting to write tests Jan 7, 2017 Fix flask run by not monkey patching for gevent in (#1101) Sep 5, 2019
yarn.lock Format all the things (#991) May 12, 2019

Build Status CTFd Slack Documentation Status

What is CTFd?

CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes.

CTFd is a CTF in a can.


  • Create your own challenges, categories, hints, and flags from the Admin Interface
    • Dynamic Scoring Challenges
    • Unlockable challenge support
    • Challenge plugin architecture to create your own custom challenges
    • Static & Regex based flags
      • Custom flag plugins
    • Unlockable hints
    • File uploads to the server or an Amazon S3-compatible backend
    • Limit challenge attempts & hide challenges
    • Automatic bruteforce protection
  • Individual and Team based competitions
    • Have users play on their own or form teams to play together
  • Scoreboard with automatic tie resolution
    • Hide Scores from the public
    • Freeze Scores at a specific time
  • Scoregraphs comparing the top 10 teams and team progress graphs
  • Markdown content management system
  • SMTP + Mailgun email support
    • Email confirmation support
    • Forgot password support
  • Automatic competition starting and ending
  • Team management, hiding, and banning
  • Customize everything using the plugin and theme interfaces
  • Importing and Exporting of CTF data for archival
  • And a lot more...


  1. Install dependencies: pip install -r requirements.txt
    1. You can also use the script to install system dependencies using apt.
  2. Modify CTFd/ to your liking.
  3. Use flask run in a terminal to drop into debug mode.

You can use the auto-generated Docker images with the following command:

docker run -p 8000:8000 -it ctfd/ctfd

Or you can use Docker Compose with the following command from the source repository:

docker-compose up

Check out the wiki for deployment options and the Getting Started guide

Live Demo


To get basic support, you can join the CTFd Slack Community: CTFd Slack

If you prefer commercial support or have a special project, feel free to contact us.

Managed Hosting

Looking to use CTFd but don't want to deal with managing infrastructure? Check out the CTFd website for managed CTFd deployments.


CTFd is heavily integrated with MajorLeagueCyber. MajorLeagueCyber (MLC) is a CTF stats tracker that provides event scheduling, team tracking, and single sign on for events.

By registering your CTF event with MajorLeagueCyber users can automatically login, track their individual and team scores, submit writeups, and get notifications of important events.

To integrate with MajorLeagueCyber, simply register an account, create an event, and install the client ID and client secret in the relevant portion in CTFd/ or in the admin panel:



You can’t perform that action at this time.