Resumen
The article discusses the procedure for introducing game mechanisms into the educational process. The main elements of gamification, the concept of the game element "Capture the flag" ("CaptureTheFlag" - CTF) are described, the basic principles of the architecture of CTF platforms and the general scheme of the organization of CTF competitions are considered. The following types of CTF competitions are considered - "Survey" ("Quiz"), "Attack-Defense" ("Attack-Defense"), "Risk Analysis" or "Problem Solving" ("Jeopardy" or "Task-Based"), "King of the Hill", "Mixed". The article defines the main requirements for CTF platforms and the criteria from the comparison. The following are highlighted as requirements for CTF platforms: ease of installation, cross-platform, ease of configuration, status monitoring, extensibility, interactivity.This article discusses five CTF platforms: WebGoat and Security Shepherd from OWASP, CTFd, FBCTF, RootTheBox from third-party manufacturers. The last three CTF platforms use JuiceShop from OWASP as a demonstratively vulnerable application, which is considered separately. All platforms have implemented the main vulnerabilities from the Top 10 OWASP. All platforms are open source and available on GitHub.