Skip to content


Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


A hybrid CTF game, combining a dev-ops service hack and patch, jeopardy style flags, and an explorable battfield were players go head to head to control strategic network nodes.

Quick start

To use HBCTF as the start of a new project, do the following, preferably in a virtual environment. Clone the repo.

git clone

Then install in locally editable (-e) mode and run the tests.

sudo pip install -e .[test]

Then install couchDB (Developtment and testing is done on Ubuntu 16.04) .. code-block:: console

sudo apt-get install couchDB

Finally, give the command line game control program a try.

HBCTF --help

Services API explaination

Checkin --> Token Decryption --> ScoreTokentSubmit


Player checks into the game server and submits to the server the ip address and port their service is running on. The server responds out to the player with key and an encrypted score token that the player can decrypt and submit to receive points.

  • Player Actions
    • Checkin with IP and port they are running their service on.
    • Accept tokens and decrypts them
    • Submit decrypted tokens back to the server decrypted.
  • Server Actions
    • Recieve checkin information and store it in DB.
    • Pass out tokens every 5 minutes.
    • Recieve decrypted tokens and register scores.


Player submits the decrypted token back to the server to gain their points.

CLI Commands



Flag Type Description
-p, --port -v, --verbose -l, --logging --help INTEGER INTEGER INTEGER Port number to serve the API on. Sets the verbosity of outputs Sets the detail level of logs Show this message and exit.


Command Action
dropdb initdb restart start status stop Drop the database. Initialize the database. Restart the API. Start the API. Show the status of the API. Stop the API.

Dev Roadmap

  • Services API -> unit tests -> documentation.
  • Game Control CLI -> unit tests -> documentation.
  • Expad API for jeopardy stype flags -> unit tests -> documentation.
  • Jeopardy style scoreboard -> unit tests -> recustomization pipeline-> documentation.
  • Expand API for battleground features -> unit tests -> documentation.
  • Build battleground VM's -> Network VM's -> Seutup High Value Nodes and hook them to API -> Recustomization Pipeline -> documentation.

Dev Notes:

To help prevent uncustomized forks of HBCTF from being uploaded to PyPI, I've configured the setup's upload command to dry run. Make sure to remove this configuration from setup.cfg when you customize HBCTF.

  • logging
  • isatty
  • colrama
  • progressbar (progressbar2)