Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

CTF Archive: Capture, Curate, Learn Forever

Pratham Gupta, Aditya Gabani, Connor Nelson, Yan Shoshitaishvili

TL;DR

CTF competitions offer hands-on cybersecurity learning but are ephemeral and hard to revisit. The authors propose CTF Archive, a public, dockerized, browser-based platform hosting 650+ challenges with reusable environments, REHOST.md documentation, and a uniform tooling stack to remove setup friction. The work demonstrates impact across communities, curricular adoption, and research avenues, including LLM-driven vulnerability discovery and solvability verification. This framework provides a scalable, accessible resource to embed persistent, practical cybersecurity learning into academic curricula.

Abstract

Capture the Flag (CTF) competitions represent a powerful experiential learning approach within cybersecurity education, blending diverse concepts into interactive challenges. However, the short duration (typically 24-48 hours) and ephemeral infrastructure of these events often impede sustained educational benefit. Learners face substantial barriers in revisiting unsolved challenges, primarily due to the cumbersome process of manually reconstructing and rehosting the challenges without comprehensive documentation or guidance. To address this critical gap, we introduce CTF Archive, a platform designed to preserve the educational value of CTF competitions by centralizing and archiving hundreds of challenges spanning over a decade in fully configured, ready-to-use environments. By removing the complexity of environment setup, CTF Archive allows learners to focus directly on conceptual understanding rather than technical troubleshooting. The availability of these preserved challenges encourages in-depth research and exploration at the learner's pace, significantly enhancing conceptual comprehension without the pressures of live competition. Additionally, public accessibility lowers entry barriers, promoting an inclusive educational experience. Overall, CTF Archive provides a scalable solution to integrate persistent, practical cybersecurity learning into academic curricula.

CTF Archive: Capture, Curate, Learn Forever

TL;DR

CTF competitions offer hands-on cybersecurity learning but are ephemeral and hard to revisit. The authors propose CTF Archive, a public, dockerized, browser-based platform hosting 650+ challenges with reusable environments, REHOST.md documentation, and a uniform tooling stack to remove setup friction. The work demonstrates impact across communities, curricular adoption, and research avenues, including LLM-driven vulnerability discovery and solvability verification. This framework provides a scalable, accessible resource to embed persistent, practical cybersecurity learning into academic curricula.

Abstract

Capture the Flag (CTF) competitions represent a powerful experiential learning approach within cybersecurity education, blending diverse concepts into interactive challenges. However, the short duration (typically 24-48 hours) and ephemeral infrastructure of these events often impede sustained educational benefit. Learners face substantial barriers in revisiting unsolved challenges, primarily due to the cumbersome process of manually reconstructing and rehosting the challenges without comprehensive documentation or guidance. To address this critical gap, we introduce CTF Archive, a platform designed to preserve the educational value of CTF competitions by centralizing and archiving hundreds of challenges spanning over a decade in fully configured, ready-to-use environments. By removing the complexity of environment setup, CTF Archive allows learners to focus directly on conceptual understanding rather than technical troubleshooting. The availability of these preserved challenges encourages in-depth research and exploration at the learner's pace, significantly enhancing conceptual comprehension without the pressures of live competition. Additionally, public accessibility lowers entry barriers, promoting an inclusive educational experience. Overall, CTF Archive provides a scalable solution to integrate persistent, practical cybersecurity learning into academic curricula.

Paper Structure

This paper contains 23 sections, 3 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Motivation
  3. Accessibility
  4. Significant Work
  5. Preserving Knowledge
  6. Barrier to Entry
  7. Related Work
  8. CTF Archive Framework
  9. Infrastructure
  10. Architecture and Workflow
  11. Uniform Tooling and Interfaces
  12. Approach
  13. Impact
  14. Community
  15. Academia
  16. ...and 8 more sections

Figures (3)

  • Figure 1: CTF Archive Infrastructure. This diagram shows the sequence from challenge design through deployment.
  • Figure 2: CTF Archive Custom FlagCheck- This is the process used to create flagChecks, first the challenge's actual flag is hashed using sha256, then it is put inside the flagCheck generator which compares the actual flag with the user input to provide the pwn.college flag.
  • Figure 3: CTF Archive Combined Growth- This graph shows the new user growth as well as the solves. As its visible that during the December 2024 timeframe, the amount of solves to user ratio is higher than what before. This is the direct result of CSE 365 students joining and solving challenges.