GitHub - facebook/fbctf: Platform to host Capture the Flag competitions
The Facebook CTF is a platform to host Jeopardy and “King of the Hill” style Capture the Flag competitions.
- Organize a competition. This can be done with as few as two participants, all the way up to several hundred. The participants can be physically present, active online, or a combination of the two.
- Follow setup instructions below to spin up platform infrastructure.
- Enter challenges into admin page
- Have participants register as teams
For more information, see the Admin Guide
The FBCTF platform was designed with flexibility in mind, allowing for different types of installations depending on the needs of the end user. The FBCTF platform can be installed either in Development Mode, or Production Mode.
Quick Setup Guide (Recommended Installation)
The Quick Setup Guide details the quick setup mode which provides a streamlined and consistent build of the platform but offers less flexibility when compared to a custom installation. If you would prefer to perform a custom installation, please see the Development Installation Guide or Production Installation Guide.
First, ensure the issue was not already reported by doing a search. If you cannot find an existing issue, create a new issue. Make the title and description as clear as possible, and include a test case or screenshot to reproduce or illustrate the problem if possible.
If you have issues installing the platform, please provide the entire output of the provision script in your issue. Also include any error messages you find in
You’ve used it, now you want to make it better? Awesome! Pull requests are welcome! Click here to find out how to contribute.
Facebook also has bug bounty program that includes FBCTF. If you find a security vulnerability in the platform, please submit it via the process outlined on that page and do not file a public issue.
Feel free to join our slack by registering your email here: https://fbctf-slack.herokuapp.com/
This source code is licensed under the Creative Commons Attribution-NonCommercial 4.0 International license. View the license here.
- swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and Pentest/CTF
- GitHub - OWASP/owasp-mstg: The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.
- How I found a persistent XSS affecting thousands of career sites
- [ANNOUNCE] Git v2.14.1, v2.13.5, and others
- 2017-08-12 - code execution vulnerability