v0.19.0

• [backend] Add exec support on remote docker container
• [backend/frontend] Add time_zone setting support
• [frontend] Update twitter widget
• [frontend] Make sure we update the player online status on frontend visits
• [frontend] Make past spam checking code into validators
• [backend/frontend] Add support for disabling target spins for a player or a target altogether
• [frontend] Apply css styles on writeup view
• [frontend] Add writeup live preview (client side rendering)
• [backend] Add writeup preview
• [backend] Add view logs operations from running target containers
• [backend] Add full profile view
• [frontend] Validate before displaying existing user data
• [frontend] Update css to make profile settings validation errors stand out
• [backend] Create offline validator for player data
• [backend] Add support to disable writeup submissions for a target
• [backend] Add support to disable routes for a specific player
• [backend] Initial onsite help sections for all operations
• [backend] Add support for mass operations on filtered data of target
• [frontend] Introduce a local cache of memcache keys so that we only query memcache once per sysconfig key
• [frontend] Order network targets
• [backend] Split firewall rules into anchors so that we can manipulate sections independently from each other
• [frontend] Add share button on headshot
• [backend] Mail action templates are now part of the content
• [backend] SSL Parameters are now sysconfig keys
• [backend] Enforce properl Access Rules on all controllers
• [backend] Make leaderboard visibility before and after event start/end a configurable entry
• [backend] Make leaderboard visibility of zero scores a configurable entry
• [frontend] Referral functionality on player profiles
• [frontend] Re-enable autologin after account activation
• [backend] Introduce platform counter tables
• [frontend] Improve login & signup forms
• [frontend] Log registration and activation client IP's
• [backend] Add support for simple dynamic URL rules (not parameterized at the moment)
• [frontend] Make target category field visible on frontend

v0.18

• Validate social media profile links (@HitmanAlharbi)
• Add color border around top 3 positions of leaderboards
• Add rate limit on default nginx snippets
• Replace hardcoded references of echoCTF.RED to event_name sysconfig key
• Add target scenario field to help explain the overall scenario and help in support
• Add per target pre and post headshot resources
• Fix filtering issues on backend network grid
• Disable ovpn download for players with no keys
• Improved backend team management
• Fix docker compose volumes for images
• Fix host header injection when using certain versions of nginx and make it the default on configuration files (@HitmanAlharbi)

v0.17

This release brings the following bug fixes and features

• Make the network name that a target belongs into a link to the network view page
• Make Profile Rank relation return empty object instead of relation error
• Improve error pages so that they dont look so scary
• Make sure we catch exceptions from invalid images instead of error 500
• Add target difficulty definitions on help
• Add support to the backend REST API to be able to add a target into a network
• Add support to the backend REST API to be able to add AuthConf details for registry authentication
• Change Target->parameters from VARCHAR to TEXT
• Add category field on backend target models, forms and views
• Display Levels and their experience ranges on frontend
• Add simple news on dashboard to show updates and announcements
• Fix XSS in team name
• Improve CSRF handling on certain forms to avoid potential "token-spoofing"
• Implement target player metrics on backend
• Implement target docker status pulling on backend
• Make the left side logo rounded on frondend
• Disable publish of empty assets from VoteWidget on frontend
• Show the total points from questions on backend dashboard
• On frontend badge generator make interval an action argument
• On backend player/mail command use the @app alias prefix for accessing the mail template
• Fix bug on password hashing of SettingsForms
• Add target flag to skip healtchecks
• Replace the target uptime parsing from string to the actual creation timestamp on backend cron command
• Introduce api/headshots for list of latest headshots
• Add flag to enable/disable the team management operations on the frontend
• Add truncate CRL operation on backend
• Replace all hardcoded references of echoCTF.RED into event_name sysconfig key
• Replace hardcoded twitter hashtags with sysconfig values
• Add target weight column to be used for ordering
• On frontend target widget show when a target is new

v0.16

This release includes the following changes

• Bring back the dashboard with platform overall 10 day activity
• Add server time on left sidebar
• Make target powerup scheduled data human readable
• Fix bug on dashboard that showed >100% progress for new users
• Fix missing date population for when a user activated a writeup
• Disable authenticated users access to captcha route
• Update all external links to nofollow
• Update help module landing page and move faq/rules/instructions there
• Add challenge solver rating
• Add support for markdown writeups
• FAQ/Instructions/Rules create dynamic table of contents that can be linked
• Force writeup activation through post requests to avoid activation by accident
• Replace all js:confirm() dialogs with sweetAlert ones for frontend
• Add tooltips on header icons
• Add discord menu link
• Add privacy policy link on footer
• A lot of backend improvements for GRID views with related data

v0.15

• [pui] Optimized controller access rules based on sysconfig settings
• [mui] Improved the configuration form (mui/settings/configure)
• [backend] Add points on player treasure and findings
• [pui] Make notifications load below top menu (they no longer block the top bar)
• [docs] Create documentation with a list of all frontend actions
• [pui/mui] Ability to disconnect all current web based sessions of a player
• [pui] Verify email of player again, if it is changed by the settings form
• [mui] Display instructions on starting a container manually by hand
• [pui] Fix XSS on error page url (thnx @HitmanAlharbi)
• [mui/pui] Add networks into the game
• [pui] Updated how social media icons are displayed on profile
• [pui] Improved some column sizes to make it a bit more bearable for smaller size displays
• [pui] Make all entries of rules, faq, instructions and objectives as anchors so that we can link to them directly
• [pui] Extra leaderboards (fastest, most)
• [pui] refresh current page on flag claim
• [pui] display solved challenges on player profile
• [pui] Added avatars on leaderboards and stream
• [pui] Overall code cleanups (we have achieved a perfect 10 on scrutinizer)

v0.14

new targets to be added

v0.13

• Added writeups support
• Added country based leaderboards
• Update profile form to make clear what info needs to go to each field
• Separate widget for headshots on profile
• Separate widget for challenge solvers
• Separate stream message for challenge completion
• Allow users to login with their email as well as username
• Update stream messages for challenge question answers
• Limit visible headshots on target/view
• disable autocomplete on flag claim, on challenge answer and registration forms
• Move reset button to target view and remove from dashboard
• Profile target progress widget now only shows pending targets and not completed
• Various cosmetic improvements

Avatars and badges

• Target and player dynamic badge generation target/<id>/badge and profile/<id>/badge.
• Robohash avatar generation on signup
• Avatar uploads

Better ordering and treasure categorization

Better ordering and treasure categorization

Fastest Gun

Headshot timers and a lot of code cleanups and improvements