Challenge Workbenches
The Problem CTFFactory Solves
CTF competitions have always been built on a simple premise: give a player an artifact, let them analyze it, and verify they found the flag. For twenty years, that premise held because the skills gap between a participant and a competent analyst was real and measurable.
That era is over.
Today, a player can take any artifact-based challenge β a packet capture, a memory dump, a steganographic image, a disk image β and submit it to a general-purpose AI model with a single message: "Find the flag in this file." In most cases, the answer comes back in under a minute. The challenge is not solved; it is bypassed. The competition no longer measures who can do forensics β it measures who can prompt an AI most effectively.
This is not a speculative risk. It is the current baseline. As models improve, the gap between what AI can extract from a raw file and what a skilled human can do is closing fast. Every artifact-based challenge on every platform that allows file downloads is, today, effectively optional for any player willing to use a model.
How Workbenches Solve It
CTFFactory's answer is architectural: the artifact never leaves the server.
Instead of giving the player a downloadable file, CTFFactory provisions a dedicated, ephemeral analysis environment β a workbench β for each player session. The challenge artifact is mounted read-only inside that environment. The player connects to it through their browser. There is no download button. There is no path to export the file. There is no outbound network access.
The player must analyze the artifact using the tools available inside the workbench. Those tools are real, professional-grade tools β the same ones a practitioner would use in the field. The flag can only be found by actually using them.
The result: the challenge measures what it was designed to measure.
The Player Experience
When a player opens a workbench-enabled challenge, they see a browser-based workspace rather than a download link. The workspace has two components:
- A web tool β a purpose-built interactive interface for that challenge type (a packet viewer for network challenges, a hex/output viewer for forensics, CyberChef for cryptography and encoding, etc.)
- A web terminal β a full interactive shell with the relevant CLI tools pre-installed, connected to the challenge artifact via an environment variable
The player uses the web tool to explore and orient themselves, then switches to the terminal to run deeper analysis. Output from terminal commands can be saved to a monitored directory and viewed live in the web interface without ever leaving the browser.
Workbench Types
CTFFactory provides a dedicated workbench for each artifact-heavy challenge ecosystem:
| Ecosystem | Web Interface | Terminal Tools |
|---|---|---|
| PCAP / Network | Webshark β interactive packet browser | tshark, scapy |
| Memory Forensics | Output viewer with live polling | Volatility 3, strings, xxd |
| Disk Forensics | Disk browser with partition and inode viewer | Sleuthkit (mmls, fls, icat), pytsk3 |
| Steganography | Image preview + metadata viewer | steghide, zsteg, exiftool, binwalk |
| Cryptography | CyberChef (full offline, 500+ operations) | openssl, RsaCtfTool, python3 |
| Encoding | CyberChef (full offline) | base64, iconv, od, tr, python3 |
| Archives | Terminal only | unzip, 7z, zipdetails, binwalk, python3 |
| Reverse Engineering | Output viewer + r2 web interface | radare2, capa, gdb, objdump |
| Binary Exploitation | Terminal only | pwntools, GDB+PEDA, ROPgadget, checksec |
Security Properties
Every workbench session enforces the following constraints:
No file download. All HTTP responses from the workbench are served with Content-Disposition: inline. There is no endpoint that produces a downloadable file. The artifact itself is only accessible through the tool APIs β never as a raw download.
No external network access. Workbench containers run with no outbound internet connectivity. There is no DNS resolution to external hosts. The player cannot make requests to external AI APIs, upload files to external services, or pull any data from outside the workbench environment.
No cross-player access. Each player session is fully isolated. One player's workbench has no visibility into another player's session, files, or terminal history.
Authentication on every request. Every request to the workbench URL is authenticated against your CTFFactory session. There is no way to share a workbench link with an unauthenticated user.
Automatic expiry. Each session has a configurable TTL (default: 4 hours). When the session expires, the environment is reclaimed and all session data is discarded. Players cannot accumulate workbench access beyond the event window.
Strict resource quotas. CPU and memory limits are enforced per container to prevent abuse and ensure fair resource allocation across concurrent players.
Challenge Integrity in Practice
From the organizer's perspective, workbenches change the threat model of artifact-based challenges fundamentally:
- A player cannot extract the artifact to analyze it offline or with external tools
- A player cannot paste the artifact into a chat interface β there is nothing to paste
- A player cannot share the artifact with teammates who are not enrolled in the event
- A player's only viable path is working within the tools provided
This does not prevent all forms of cheating (flag sharing, for example, remains a social problem). But it closes the largest technical vector that AI models have introduced into CTF competitions.
[!NOTE] Workbenches are available on the Starter plan and above. The number of concurrent workbench sessions is determined by your plan tier.
CTFFactory's Approach to the AI Era
CTF was designed as a human skill assessment. The introduction of powerful general-purpose AI models changes what that assessment can measure β but only if platforms allow AI unrestricted access to the raw challenge materials.
CTFFactory's position is that the answer is not to prohibit AI tools at the policy level (unenforceable) or to design challenges that are AI-resistant (an arms race with no winner). The answer is to restructure how artifacts are delivered so that the capability gap disappears as a vector.
Server-side workbenches are that structural answer. They do not fight AI β they make the AI vector structurally inaccessible. A model cannot analyze a file it cannot see.
As AI capabilities continue to expand, CTFFactory will extend the workbench model to additional challenge categories where the same vector exists.