Creating a CTF game to teach devs how to secure their games from exploiters

I’m kinda interested in making a CTF (Capture-The-Flag) game similar to other cybersecurity games that would intentionally leave bugs in levels and challenge the player to complete a certain task (find a flag). Then after the level is completed it would describe in details the problem and how to secure your game from it.

The player would have a GUI command prompt (made using loadstring()) or just a intentionally glitchy element of the level.

An example level could be a store that checks the amount of coins on the client side before buying an item and then sends a RemoteEvent to the server to add that item to the player’s inventory without checking the amount of their coins. The player has to get that item despite having no coins.

My question is, is something like this allowed?
My only intention is to teach other developers how to secure their games.

I don’t see why it wouldn’t be allowed, unless the game is multiplayer and you can just actually use the exploits on everyone else

No that’s not the point of the game. The starting place (lobby) will be multiplayer but it would only contain some quizzes. Each level will be a separate place and singleplayer.

But thanks for the advice.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.