Security is PARAMOUNT

A CTF platform is unlike anything else you've made

Developing a CTF platform is not like developing any other application, mostly for one core reason: on a normal application you can assume that "some" (a relatively small percentage) of your users might try a hack or two. On a CTF platform EVERY user is a hacker; it's not "if they try" something, it's almost guaranteed.

Don't leave this for later: the bigger the project gets, the harder it will be to secure. Even if you do leave things for later, make sure you document them carefully so that you don't forget them.

Although nobody will expect your platform to be flawless, some types of bugs will most definitely cause you trouble (and sometimes haunt you).

How you deal with these bugs and the way these bugs are introduced are both important.
