• What is a CTF?

    A CTF(short for Capture The Flag) is a computer security competition. Contestants are presented with challenges, which test their creativity and technical skills, along with their general problems solving ability. When a problem is solved, it yields a string (the flag), which can be submitted to the scoring server. CTFs are awesome to get started in hacking, and even have world competitions

  • Who is this for?

    Generally, this CTF is meant for all audiences which are interested in learning hacking and computer security.

  • Why?

    This CTF is mostly made for people to have fun and learn new things! But at the same time, to increase awareness of vulnerabilities, and teach people to think defensively in terms of computer security.

  • When is this?

    The competition will begin on September 6th at 16:00:00 GMT and end on September 13th at 16:00:00 GMT.

  • Where is this?

    This competition is entirely online, and participants can physically play from anywhere.

  • Is the competition difficult?

    Yes, but not too difficult! There are tons of challenges, some of which we expect everyone to be able to solve, and some of which we expect nobody to solve. If the competition is too hard, it won't be fun or educational. If it is too easy, the same applies. Our goal is that most of the challenges are solvable with somewhat little knowledge.

  • Where can I start learning?

    Don't panic! We aren't expecting contestants to be proficient in computer security, but we do reccomend being comfortable with computer programming. As long as contestants are interested, they should be able to learn something and have fun regardless of background.

    We reccomend knowing JavaScript, HTML, Python, along with being able to read Java and C code.

    While this competition will provide you with hints along the way, you can begin learning by reading this GitBook by CAMS CSC. You can also look at other CTF competitions like PicoCTF.

  • What if I have questions about a challenge?

    We have a Discord server where all discussions for the competition will be hosted. Feel free to join here

  • What do i need to compete?

    Participating in the competition requires only a computer with a modern web browser, and being able to install applications. Participation from personal laptops is encouraged.

  • What are the challenges like?

    The challenges will fall into one of the following categories: Cryptography, Forensics, Exploitation, Reverse Engineering, and Miscellaneous.

  • How do I participate?

    Team registration will open shortly.

  • Who can participate?

    Anyone can participate. However, prizes are restricted to Icelandic residents.

  • Are there prizes?

    Aside from knowledge, there will be prizes awarded to top placing teams.

  • How are problems scored? (How do we win?)

    You will be presented with a list of problems which are each worth a fixed number of points based on its difficulty. When a problem is solved, you send the flag to our scoring server, which adds the problem's points to your team's score. The points for a problem does not change as more teams solve it. Once the competition is over, the team(s) with the highest scores are the winners. We calculate the scores independent of time, but time(sum of time spent solving each problem) will be used as a tie breaker.

  • Can I cheat?

    No, any teams caught cheating will be disqualified. See rules below.

  • What is defined as cheating?

    Attacking the scoring server, other teams, or machines which are not targets is cheating. This includes breaking into such machines and denying others access to them. Sharing flags or giving overly revealing hints to other teams is cheating, and so is being assisted by people outside the team.

    Note that using tools from the internet along with information is fine, but specifically asking people on the internet to help you solve the problem is cheating. We encourage you to solve problems on your own using all available resources, but you should solve them yourselves

    Note that we consider all forms of DoS, this includes bruteforcing flags or locations using scripts(a la dirbuster, sqlmap, etc...) cheating unless otherwise specified. In general all tools or scripts that make excessive requests to our services. Problems will generally be set up so that all bruteforcing can happen locally, or remote bruteforcing is kept to a reasonable amount.

  • How many people can be on a team?

    Teams can consist of 1-3 contestants.

  • Can I create more than 1 team?

    No. There is no point in creating multiple accounts. Teams found with duplicated accounts will be disqualified.

  • How much does this cost?

    It's completely free

  • Does this competition condone hacking?

    This of course depends on the definition of hacking. We encourage exploring computer systems, and learning how the computer works - when we say hacking, this is what we mean.

    We do not condone hacking in the sense of breaking into machines illegally, stealing personal information, and launching DDoS attacks, this type of hacking is illegal, and we do not encourage it.