Formatting Support
Guidance supports Discord markdown: bold, italic, strikethrough, code blocks, and links.
CTF Builder
The CTF Builder guides you through creating challenges step-by-step with a friendly interactive interface. No command syntax or markdown required.
Builder Walkthrough
Section titled “Builder Walkthrough”-
Difficulty Selection
- Choose from default levels: Easy, Medium, Hard, Insane
- Or custom difficulties (if admin configured them)
- Sets the visual color and points value (if points mode enabled)
-
Category Selection
- Organize challenges: Web, Crypto, Pwn, Reversing, Forensics, Misc, etc.
- Helps members filter by topic
-
Input Type Selection
- Text Input — members type the flag answer
- File Input — attach a challenge file (binary, image, archive, etc.)
-
Challenge Details Modal
- Title (required) — challenge name (e.g., “SQL Injection 101”)
- Guidance (required) — instructions and description
- Flag (required) — the correct answer
- Max Attempts (optional) — 0 = unlimited, or set a limit
- Hint (optional) — clue for solvers
-
Preview (Optional)
- See how your challenge looks before publishing
- Check formatting and clarity
-
Publish
- Choose which channel to post in
- Challenge embed appears with “Submit Flag” button
- Goes live immediately
Input Types
Section titled “Input Types”Text-Based Challenges
Section titled “Text-Based Challenges”Members see the challenge embed and click “Submit Flag” to open a modal where they type the flag.
Best for:
- Crypto challenges with flag strings
- Puzzles with answers
- CTF competitions where the flag is text
Flag Example:
flag{this_is_the_answer}flag{sql_injection_pwned}CTFLab{welcome_to_ctflab}Tips:
- Flags are case-sensitive
- Include the flag format in your guidance if non-standard
- Consider wrapping in
flag{}for clarity
File-Based Challenges
Section titled “File-Based Challenges”Members download an attached file (binary, image, archive, encrypted data, etc.) and submit the extracted flag.
Best for:
- Reverse engineering (compiled binaries)
- Forensics (image files, disk images)
- Steganography (images with hidden data)
- Misc puzzles (archives, encrypted files)
Workflow:
- Create challenge with File input type
- Attach your challenge file during builder (e.g.,
challenge.bin,image.png) - Publish
- Members download the file, analyze it, extract the flag, and submit
File Editing: When editing a file-based challenge:
- Originally attached files are preserved
- You can edit title, guidance, or flag without re-uploading
- To replace the file, simply attach a new one during edit
Builder Features
Section titled “Builder Features”Difficulty Color Coding
Challenge embeds are color-coded by difficulty for quick visual scanning.
Attempt Limiting
Optionally cap attempts so members can’t brute-force weak challenges. 0 = unlimited.
Hints
Provide optional hints that members can see if they’re stuck. Encourage strategic thinking.
Example: Creating a Web Challenge
Section titled “Example: Creating a Web Challenge”Challenge: SQL Injection vulnerability discovery
Step 1: Run /create-ctf
Step 2: Select Difficulty: Medium
Step 3: Select Category: Web
Step 4: Select Input Type: Text
Step 5: Fill Details
- Title: “SQL Injection 101”
- Guidance:
A company uses a vulnerable login form at example.com/login.phpFind the admin flag by bypassing authentication.Hint: The password field isn't sanitized!
- Flag:
flag{sql_injection_bypassed} - Max Attempts: 5
- Hint: “Try entering ’ OR ‘1’=‘1 in the password field”
Step 6: Preview to check formatting
Step 7: Publish to #ctf-challenges
Example: Creating a Reversing Challenge
Section titled “Example: Creating a Reversing Challenge”Challenge: Reverse engineer a binary to find a hidden flag
Step 1: Run /create-ctf
Step 2: Select Difficulty: Hard
Step 3: Select Category: Reversing
Step 4: Select Input Type: File
Step 5: Fill Details
- Title: “Mystery Binary”
- Guidance:
Analyze the attached binary and find the hidden flag.Tools: IDA Pro, Ghidra, objdump, or any disassembler
- Flag:
flag{reverse_engineering_master} - Max Attempts: 0 (unlimited)
- File Attachment: (upload your compiled binary)
Step 6: Publish
Members will download the binary, reverse it, and submit the flag.
Tips & Tricks
Section titled “Tips & Tricks”Difficulty Tuning
Section titled “Difficulty Tuning”- Easy — introductory level, quick solves (1st Blood usually within minutes)
- Medium — requires basic knowledge, typical 30-min to 1-hour solves
- Hard — requires expertise, could take hours
- Insane — marathon challenge, bleeding-edge techniques
Guidance Best Practices
Section titled “Guidance Best Practices”- Start with a hook (why should members care?)
- Provide clear instructions (what to do)
- Include expected deliverables (what to submit)
- Add context (difficulty, tools needed, time estimate)
Example Guidance Template
Section titled “Example Guidance Template”**Challenge:** [Catchy title]
[2-3 sentence description of the scenario]
**What to do:**1. [Step 1]2. [Step 2]3. [Step 3]
**Expected Output:** A flag in the format `flag{...}`
**Tools:** [Recommended tools or languages]
**Time Estimate:** [30 minutes / 1 hour / 2+ hours]Editing & Managing Challenges
Section titled “Editing & Managing Challenges”Edit a Challenge
Section titled “Edit a Challenge”- Run
/edit-ctf [query] - Modify any field (title, difficulty, category, guidance, flag, etc.)
- Originally attached files are preserved
- Publish changes — all existing progress is preserved
Archive vs. Delete
Section titled “Archive vs. Delete”- Archive — hide from
/ctf-list, but keep all solve history - Delete — permanently remove (irreversible)
Repair a Challenge
Section titled “Repair a Challenge”- Run
/ctf-repair [message_link]if the embed breaks - Reattaches the “Submit Flag” button if it disappears
Next Steps
Section titled “Next Steps”- Create Your First Challenge — Try it now!
- Leaderboard System — How scoring works
- Analytics — Track difficulty metrics