Alt text

Security Competition Scoring Engine

ScoreTrak is a scoring engine that tests the availability of services in a cyber-security competition network.

Quick Start

ScoreTrak currently supports deploying via docker and kubernetes. You can find the docker container stored in the github container registry located in the scoretrak org page.

Deployment Options

You can deploy on many platforms and each can be found below.

  1. Kubernetes (Preferred)
  2. Docker (Coming Soon)
  3. Local (Coming Soon)

Models

The database tables and relations diagram can be found below.

Diagram

Diagram can be found at drawsql.app.

img.png

Server

The Scoretrak scoring server is a golang application responsible to executing or delegating checks of services.

Modes

Single Node Master, No Workers

In a small environment, you can run one instance of the scoring engine that will be responsible for executing checks on the services and responding to client requests.

Single Node Master, 1+ Workers

In a medium environment, you can run one instance of the scoring engine that will be responsible for delegating checks to workers via a queue platform. While the single node master will also be responsible for responding to client requests.

Multi Node Master, 1+ Workers

In a large environment, you can run multiple instances of the scoring engine that will be responsible for delegating checks to workers via a queue platform. While the multi node masters will also be responsible for responding to client requests.

Web Client

The web client is how the black, red, and blue team will be interacting with the scoring services from setting up the checks and checking services.

User Roles

Each User will have an assigned role of Black, Red, Blue.

The Black team role will have access to setting up hosts, teams, services, and user accounts.

The Blue team role will have the ability to view the status of their services, as well as their competitors. In addition, changing the connection properties of their services if the black team allows it.

Checks

Scoretrak can check many things from HTTP to WinRM. The connection properties are editable by black team and blue team.

Executable Checks

  • FTP
  • SSH
  • WinRM
  • Ping
  • HTTP
  • LDAP
  • DNS
  • SMB
  • IMAP
  • SQL