Car Hacking in the Cloud (for Cheap) at DEF CON, Part 2

The Car Hacking Village CTF, hosted at DEF CON 25, utilized Zappa to deploy Flask-based CTFd on AWS Lambda and API Gateway, resulting in significant cost savings. The deployment was a last-minute idea conceived before the event, but research on less frequently used AWS technologies saved time. Despite initial testing and prior experience with CTFd, the team encountered a bug related to storing IP addresses as integers in a Postgres RDS instance, causing intermittent 500 responses. A test migration to change the column type resolved the issue, allowing the CTF to continue without further hiccups. The deployment handled a large volume of vulnerability scanner traffic and provided valuable learnings for future work.