CyberGauntlet is a lightweight CTF-style platform focused on cipher challenges. Players download encrypted assets, apply provided hints to recover plaintext, and submit flags or answers. This repository contains a React + TypeScript frontend and a simple challenge layout served from public/challenges.
A quick visual overview of the platform:
- Static challenge delivery via
public/ - Frontend: Vite + React + TypeScript
- Optional Supabase integration for auth/leaderboards (
src/lib/supabase.ts)
Install dependencies and start the development server:
npm install
npm run devThis repository supports an optional Docker-based local development workflow. It is intended to reduce setup friction and keep environments consistent across OSes.
Start the dev stack:
docker compose up --buildFor a deeper walkthrough, see docker_guide.md.
Build and preview a production bundle:
npm run build
npm run previewChallenges are organized under public/challenges. Each challenge should reside in its own folder (for example q1, q2, ...). Recommended contents:
hint.txtβ concise hints or instructionsassets/β encrypted files, ciphertext dumps, images, etc.README.mdβ (optional) description and expected flag format (for exampleFLAG{...})
Example:
public/challenges/q1/
ββ cipher_collection.txt
ββ hint.txt
- Open the challenge page and download the provided assets.
- Use the hints to determine the cipher or encoding.
- Decrypt or decode assets locally to recover the flag.
- Submit the flag following the challenge rules.
Files in public/ are served statically by the dev server and are available for download in the browser.
Use standard command-line tooling. Example (OpenSSL, AES-256-CBC):
# Encrypt
openssl enc -aes-256-cbc -salt -in secretnote.txt -out secretnote.txt.enc -k "yourpassword"
# Decrypt
openssl enc -d -aes-256-cbc -in secretnote.txt.enc -out secretnote.txt -k "yourpassword"Simple Python example (Caesar cipher, shift = 3):
from pathlib import Path
text = Path('cipher_collection.txt').read_text()
def caesar(s: str, shift: int = 3) -> str:
out = []
for c in s:
if c.isupper():
out.append(chr((ord(c) - ord('A') - shift) % 26 + ord('A')))
elif c.islower():
out.append(chr((ord(c) - ord('a') - shift) % 26 + ord('a')))
else:
out.append(c)
return ''.join(out)
print(caesar(text))To add a challenge:
- Create
public/challenges/qX/(replaceqXwith a new identifier). - Add assets and a
hint.txtorREADME.mddescribing the objective and flag format. - Verify assets are downloadable from the dev server.
- Do not commit secrets (API keys, credentials) to the repository.
- For hosted competitions, perform server-side submission validation and rate limiting.
- Tech stack: Vite + React + TypeScript (see
package.jsonfor scripts). - Recommended improvements:
- Challenge authoring CLI to standardize asset creation.
- Server-side submission validation and scoreboard.
- Unit tests and CI workflow for lint/typecheck.
If you would like assistance adding challenges, integrating a scoreboard, or automating challenge creation, please open an issue or request changes in the repository.
Contributions are welcome and appreciated.
Before contributing, please read the following documents to understand our guidelines and expectations:
To contribute:
- Fork the repository
- Create a new branch for your changes
git checkout <feature-branch> - Make your changes following the project standards
git add <FILE> - Commit and push your changes to your fork
git commit -m "<commit-message>"
git push origin <feature-branch>- Open a Pull Request for review
By participating in this project, you agree to follow the Code of Conduct.
This project is licensed under the MIT License. See the LICENSE file for details.
π CyberGauntlet/
ββββπ Databases/
β ββββπ supabase/
β ββββπ migrations/
| ββββπ <date>_create_leaderboard.sql
| ββββπ <date>_create_public_schema.sql
| ββββπ <date>_posts_rls_policies.sql
| ββββπ <date>_create_team_sessions.sql
ββββπ Docs/
β ββββπ screenshots/
| ββββπ Landing.png
| ββββπ Login.png
| ββββπ Objective.png
| ββββπ ADMIN_SETUP.md
| ββββπ CODE_OF_CONDUCT.md
| ββββπ Contributor.md
| ββββπ LEADERBOARD.md
| ββββπ LEADERBOARD_IMPLEMENTATION.md
ββββπ Json/
| ββββπ index.html
| ββββπ package-lock.json
| ββββπ package.json
| ββββπ tsconfig.app.json
| ββββπ tsconfig.json
| ββββπ tsconfig.node.json
ββββπ public/
β ββββπ challenges/
β ββββπ q1/
| | ββββπ cipher_collection.txt
| | ββββπ hint.txt
β ββββπ q3/
| | ββββπ security.c
β ββββπ q4/
| ββββπ secretnote.txt
ββββπ src/
ββββπ components/
| ββββπ ChallengePage.tsx
| ββββπ DocsPage.tsx
| ββββπ GlitchText.tsx
| ββββπ LandingPage.tsx
| ββββπ Leaderboard.tsx
| ββββπ TerminalBox.tsx
ββββπ context/
| ββββπ AuthContext.tsx
ββββπ data/
| ββββπ teamData.ts
ββββπ lib/
| ββββπ supabase.ts
ββββπ pages/
| ββββπ Dashboard.tsx
| ββββπ LeaderboardPage.tsx
| ββββπ Login.tsx
| ββββπ Profile.tsx
| ββββπ ProtectedRoute.tsx
ββββπ App.tsx
ββββπ index.css
ββββπ main.tsx
ββββπ vite-env.d.ts
ββββπ index.html
ββββπ (... 17 more files)
π docs/ β README.md, ADMIN_SETUP.md, Contributor.md,LEADERBOARD_IMPLEMENTATION.md,CODE_OF_CONDUCT.md,
π screenshots
π src/ β Application source code
π public/ β Public assets and challenges
π database/ β Supabase migrations
π config/ β ESLint, Vite, Tailwind, PostCSS, TSConfig files
Feel free to use and modify the code as needed for your own CTF events!