Skip to content

22Q4 // Nov 30, 2022

New Features

Dynamic Scoring

We introduced dynamic scoring for CTF events. This mode is calculating points based on the number of participants and solves. Every challenge of an event must have equal points set (e.g. 500 points per challenge). The more users solve the same challenge, the less points the challenge will have. This reduces the need of defining challenges as easy, medium or advanced. Points are dynamically calculated. We still provide a difficulty indicator (easy, medium, advanced) for challenges which is purely informational and does not affect the scoring in dynamic mode.

Scoring Freeze (Leaderboard)

The scoring freeze will stop updating the leaderboard. This may be configured for a CTF for the last hour. Thus, players don't know who won the competition and keep interest high to play the CTF until the end and the award ceremony.

E-Mail Teacher Notifications

Teachers get notified by e-mail about open solutions that need to be graded in Hacking-Lab. Such digest email will be sent once a day and can be turned on or off per teacher. This will remind teachers to grade open solutions continuously.

Tenant Access Policies

Tenant Administrators can set up a global access policy which will be enforced on the whole platform and not only on events. The tenant access policy is based on information stored in the Identity Provider (e-mail).

Event Access Policies

Event Managers can set up access policies on events. The access policy is based on information stored in the User Profile (birthday, e-mail, gender, affiliation, citizen). A user may need to complete his/her profile prior accessing the event.

Organizer Privacy Policy (GDPR)

Tenant Administrator have the option to define an organizer privacy policy per event (GDPR policy). Users must give consent before being allowed to enter the HL event. This is required and important if Hacking-Lab is requested to share event statistics, reports, user solutions to the customer. Please read more here https://www.hacking-lab.com/privacy-policy

Additional Features

  • Assign teachers to child events instead of the whole curriculum.
  • Fast and reliable file download feature using temporary valid, signed CDN URLs.
  • Manual grading mode for offline challenges (grading offline challenges, HW challenges).
  • Bulk grading mode for open solutions.
  • Access check now takes a user intention to better determine which checks need to be performed.
  • Improved solution chat history. Cleanup status and points for flags or write-ups.
  • New operating manual is now available as a website instead of a PDF

Notable Fixes

  • Fix Audit log: it was not working on first login for new users.
  • Fix Role Check: Result of role check was not returned in sidebar.
  • Fix Cloning Events: Cloning an event within the same curricula was not possible.
  • Fix Event Count: Event count was showing wrong number of running events.
  • Fix Report: The number of solutions in the report was wrong.
  • Fix Deletion Events: Deletion of events with nested units was not possible.
  • Fix Leaderboard: Ranking score did not include the step penalty.
  • Fix internal ranking page: Showing all results in the internal ranking and sort the challenges correctly.
  • Fix Dashboard GUI Crash: Dashboard was crashing because of a capitalization error.
  • Fix Exam: Users were unable to start an event that was in exam mode.
  • Fix Report: Fixed multiple issues in classes report module.
  • Fix Solution States: Cleaned up the solution states.
  • Fix GUI: Various layout and styling issues.
  • Fix Editor: Prevent null pointer exception when sections had no steps assigned.
  • Fix Quiz: Quiz solutions are more accessible for users with color blindness.
  • Fix Public Leaderboard: Ranking is working even if none of the represented events is public.

Engineering

  • Improve JPA performance by using streamlined entities and repositories.
  • Use of a single view on the database to calculate the scores.
  • Improved mocking for development and testing.
  • Automatic releases during pipeline execution.

System Monitoring

LiveCD Apple M1/M2

Hacking-Lab Shop

  • Stripe Payment Solution to buy HL trainings online

Discord Community

Support