During our lectures, like “IT security” in the Bachelor's and “Real World Crypto Engineering” in the Master's degree, we regularly use CTF challenges as a teaching aid. But both the platform—developed in a project group some time ago—and the challenges have become dated. The platform can be unstable at times, leading to frustration of students trying to solve challenges.

The goal of this project group will be to adapt one of the many open-source platforms for hosting CTF challenges to our needs and to develop new challenges. This requires programming skills in general (the language depends on the project you decide to adapt) and a foundational understanding of IT security (you should have heard at least one of our courses or a similar one).

The general steps of the PG are:

• Search for existing open-source projects that can be used.
• Adapt the project to our specific use case.
  • Set up the platform so future maintenance effort is low.
  • Add capabilities for things like logging in using your ZIM account (SSO).
  • (The exact requirements of the framework will be given to you at the start of the PG; this will inform your choice of project to adapt and give you concrete goals at the very start of the project.)
• Adapt and update existing challenges to the new platform.
• Write new challenges for our lectures. E.g.
  • Web Security challenges with headless browsers.
  • RWCE challenges with TLS or cryptography focus.
  • … whatever you can think of.