A CTF(short for Capture The Flag) is a computer security competition. Contestants are presented with challenges, which test their creativity and technical skills, along with their general problems solving ability. When a problem is solved, it yields a string (the flag), which can be submitted to the scoring server. CTFs are awesome to get started in hacking, and even have world competitions
Generally, this CTF is meant for all audiences which are interested in learning hacking and computer security.
This CTF is mostly made for people to have fun and learn new things! But at the same time, to increase awareness of vulnerabilities, and teach people to think defensively in terms of computer security.
The competition will begin on September 6th at 16:00:00 GMT and end on September 13th at 16:00:00 GMT.
This competition is entirely online, and participants can physically play from anywhere.
Yes, but not too difficult! There are tons of challenges, some of which we expect everyone to be able to solve, and some of which we expect nobody to solve. If the competition is too hard, it won't be fun or educational. If it is too easy, the same applies. Our goal is that most of the challenges are solvable with somewhat little knowledge.
Don't panic! We aren't expecting contestants to be proficient in computer security, but we do reccomend being comfortable with computer programming. As long as contestants are interested, they should be able to learn something and have fun regardless of background.
We have a Discord server where all discussions for the competition will be hosted. Feel free to join here
Participating in the competition requires only a computer with a modern web browser, and being able to install applications. Participation from personal laptops is encouraged.
The challenges will fall into one of the following categories: Cryptography, Forensics, Exploitation, Reverse Engineering, and Miscellaneous.
Team registration will open shortly.
Anyone can participate. However, prizes are restricted to Icelandic residents.
Aside from knowledge, there will be prizes awarded to top placing teams.
You will be presented with a list of problems which are each worth a fixed number of points based on its difficulty. When a problem is solved, you send the flag to our scoring server, which adds the problem's points to your team's score. The points for a problem does not change as more teams solve it. Once the competition is over, the team(s) with the highest scores are the winners. We calculate the scores independent of time, but time(sum of time spent solving each problem) will be used as a tie breaker.
No, any teams caught cheating will be disqualified. See rules below.
Attacking the scoring server, other teams, or machines which are not targets is cheating. This includes breaking into such machines and denying others access to them. Sharing flags or giving overly revealing hints to other teams is cheating, and so is being assisted by people outside the team.
Note that using tools from the internet along with information is fine, but specifically asking people on the internet to help you solve the problem is cheating. We encourage you to solve problems on your own using all available resources, but you should solve them yourselves
Note that we consider all forms of DoS, this includes bruteforcing flags or locations using scripts(a la dirbuster, sqlmap, etc...) cheating unless otherwise specified. In general all tools or scripts that make excessive requests to our services. Problems will generally be set up so that all bruteforcing can happen locally, or remote bruteforcing is kept to a reasonable amount.
Teams can consist of 1-3 contestants.
No. There is no point in creating multiple accounts. Teams found with duplicated accounts will be disqualified.
It's completely free
This of course depends on the definition of hacking. We encourage exploring computer systems, and learning how the computer works - when we say hacking, this is what we mean.
We do not condone hacking in the sense of breaking into machines illegally, stealing personal information, and launching DDoS attacks, this type of hacking is illegal, and we do not encourage it.