Skip to content
This repository has been archived by the owner on Jun 27, 2023. It is now read-only.


CTF Scoreboard

This is a basic CTF Scoreboard, with support for teams or individual competitors, and a handful of other features.

Copyright 2020 Google LLC. This is not an official Google product.

Author: Please see the AUTHORS file.

This is a version 2.x branch. We've eliminated categories, in favor of tagging challenges. This simplifies the codebase significantly, and is a better fit since so many challenges border on more than one category. However, this branch is not compatible with databases from 1.x. If you need that, check out the 1.x branch, which will only be getting security & bug fixes.


  1. Install Python with PIP and setuptools. If you'd like to use a virtualenv, set one up and activate it now. Please note that only Python 3.6+ is officially supported at the present time, but it should still work on Python 2.7.

  2. Install the dependencies: pip install -r requirements.txt

  3. Install a database library. For MySQL, consider PyMySQL. For Postgres, use psycopg2. (Others may work; untested.)

  4. Write a for your relevant installation. An example is provided in

     SQLALCHEMY_DATABASE_URI = 'mysql://username:password@server/db'
     #SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://username:password@server/db'
     SECRET_KEY = 'Some Random Value For Session Keys'
     TEAM_SECRET_KEY = 'Another Random Value For Team Invite Codes'
     TITLE = 'FakeCTF'
     TEAMS = True
     ATTACHMENT_DIR = 'attachments'
     LOGIN_METHOD = 'local'  # or appengine

If you are using plaintext HTTP to run your scoreboard, you will need to add the following to your, so that cookies will work:


If you are developing the scoreboard, the following settings may be useful for debugging purposes. Not useful for production usage, however.

  1. Create the database:

     python createdb
  2. Set up your favorite python application server, optionally behind a webserver. You'll want to use as your WSGI handler. Tested with uwsgi + nginx. Not tested with anything else, let me know if you have success. Sample configs are in doc/.

  3. Register a user. The first user registed is automatically made an admin. You probably want to register your user before your players get access.

  4. Have fun! Maybe set up some challenges. Players might like that more.

Installation using Docker

  1. Navigate to the folder where the Dockerfile is located.

  2. Run the command below to build a docker image for the scoreboard and tag it as "scoreboard".

    docker build -t "scoreboard" .
  3. Run the command below to create the docker container.

    docker create -p 80:80 scoreboard
  4. Find the name of the container you created for the scoreboard.

    docker container ls -a
  5. Run the command below to start the docker container for the scoreboard.

    docker start "container_name"


SCORING: Set to 'progressive' to enable a scoring system where the total points for each challenge are divided amongst all the teams that solve that challenge. This rewards teams that solve infrequently solved (hard or obscure) challenges.

TITLE: Scoreboard page titles.

TEAMS: True if teams should be used, False for each player on their own team.

SQLALCHEMY_DATABASE_URI: A SQLAlchemy database URI string.

LOGIN_METHOD: Supports 'local'


Build Status codecov

Use hooks

ln -s ../../.hooks/ .git/hooks/pre-commit

Test Cases

  • Setup database
  • Create user, verify admin
  • Create challenge
    • With, without attachment
  • Edit challenges
    • Add attachment
    • Delete attachment
  • Download backup
  • Restore backup
  • Create 2nd user, verify not admin
    • Solve challenge
    • Download attachment


This project stands on the shoulders of giants. A big thanks to the following projects used to build this:

And many more indirect dependencies.