Hello! I’m Tom - a member of the RiceTeaCatPanda team and joint project leader on Project Sinensis. Since we announced Sinensis a couple of days ago, I thought I’d give a bit more of an in depth look at the project and our plans for it.
What is Sinensis?
Sinensis is our effort to create a CTF platform that’s the best it possibly can be and is as easy as possible to set up and get working, ultimately making the process of organising and playing a CTF just that little bit easier.
In the past, we’ve used the two most common platforms for running a CTF, CTFx and CTFd, and not been huge fans of either of them. CTFd is… well, CTFd. It’s slow, unwieldy and hard to set up in a manor that ensures it’ll run reliably. On the other hand, there’s CTFx. It’s a very good platform but we’re not massive fans of the tab-based UI as well as the fact that it lacks simple configuration. Things like editing the homepage or creating new dynamic pages require you to dig around inside the PHP source code and change stuff there, since it’s entirely devoid of any HTML templates and documentation. As a result (and just because it’s good fun), we decided we were going to write our own platform from scratch to fix these issues and that we’d call it Sinensis.
How’s it built?
Sinensis has two distinct components - a React frontend and a Go API for the backend. Let’s talk a bit about why we chose these two technologies.
React was the obvious choice for the frontend. For one, it’s got a huge user base, meaning that plenty of people will be able to modify Sinensis for their own needs, or even better, contribute to the project. On top of that, it’s got a good ecosystem and it’s well supported and documented thanks to its backing by Facebook.
The choice of language for the backend was… less straightforward. There were at least four different languages that we considered for their different merits and detriments. Rust and Python were two of them, but in the end we went with Go for its good performance, ease of use and the wide variety of frameworks and libraries that exist. If you’re interested, we’re using the Express.js-inspired Fiber web framework and GORM to interface with the MySQL database that underpins the entire system.
What does it look like right now?
As of today (21st August 2020), we’ve been working on Sinensis for about two months, accumulating about 360 commits across our two repositories. In fact, Sinensis is fully open source and licenced under the GNU AGPL v3 - you can see the project repos here and here. Our aim is to have the project in a functional state in time for our next CTF, RTCP 2021 which goes live on January the 22nd 2021. As for the frontend, here are some super fancy screenshots you can take a nosey at:
I’d show you screenshots of the API, but that’s just text and that’s boring. If you really want, you can download some of the latest development builds from here.
What do you want from Sinensis?
Part of the idea for making Sinensis is to make it the best platform out there. To do that, we need your help - we want to know what you want to see in Sinensis! If there’s a feature you think we should consider, or something you want us to make easier to do in Sinensis, let us know in the sinensis-suggestions channel of our Discord server - we’d love to hear from you!
Bonus - why’s it called Sinensis?
Everyone on the RiceTeaCatPanda team likes tea, which is a good thing. In fact, we like tea so much that decided to name our project after it. More specifically, we named it after camellia sinensis, which is the Latin name for the common tea plant.
If you’ve got any other questions or comments about Sinensis, feel free to ask in our Discord server. Thanks for reading!