Root The Box: A Game of Hackers (CTF Scoreboard & Game Manager)

>_ Root the Box

Root the Box is a real-time capture the flag (CTF) scoring engine for computer wargames where hackers can practice and learn. The application can be easily configured and modified for any CTF style game. The platform allows you to engage novice and experienced players alike by combining a fun game-like environment with realistic challenges that convey knowledge applicable to the real world, such as penetration testing, incident response, digital forensics and threat hunting.

Like traditional CTF games, each team or player can target challenges of varying difficulty and sophistication, attempting to collect flags. But Root the Box brings additional options to the game. It has built-in support for “botnets”, allowing players to upload a small bot program to target machines that grant periodic rewards for each bot in the botnet. You have the option to use a banking system, where (in-game) money can be used to unlock new levels, buy hints to flags, download a target’s source code, or even “SWAT” other players. Password hashes for player bank accounts can also be publically displayed, allowing competitors to crack them and steal each other’s money.


  • Distributed under the Apache License, Version 2.0
  • Team Play or Individual Play
  • Real-time scoreboard graphs using websockets
  • Real-time status updates using websockets
  • Flag Types: Static, Regex, Datetime, Multiple Choice, File – w/options for case sensitivity
  • Options for Penalties, Hints, Attempts, Level Bonuses, Dynamic Scoring, Categories and more
  • Built-in team based file/text sharing and Admin game material distribution
  • Freeze Scores at a specific time allowing for end game countdown
  • Optional in-game Botnets or wall of sheep displaying cracked passwords
  • Unlocks and upgrades as users capture flags
  • Export and share Boxes/Flags
  • Site Themes and other cool stuff


See the Root the Box Wiki


Copyright (C) Joe moloch