Our applied security contest (also called "Capture The Flag") opposes 100 teams of 8 people trying to obtain the most points by capturing flags.
Those flags typically are secret messages hidden in different challenges.
The Challenges will be available to teams through a web portal on their own private contest network. Teams are not authorized to attack each other (it's not a red/blue team type of contest). They compete to have the most points on the leaderboard.
2023 is where we go back to our original in-person formula!
We are happy to announce that this year's CTF will be on-site first experience.
Back to teams of 8 people.
The return of the physical track!
The return of the hardware badge!
At any point, we will comply with Quebec government's sanitary measures and adjust our rules to make sure the CTF is both competitive and enjoyable.
If you have any questions, please ask them in #ctf on our Discord.
Challenges proposed will be from multiple security fields including:
networking, web application, binary reverse engineering, data forensics, hardware hacking, and more.
We add more items to your Internet of Things by providing hackable electronic badges that shine. It runs on programmable micro-controllers and features multiple I/Os. Examples from past years include USB, Bluetooth LE, OLED screen, several LEDs and buttons. Everything the badge team does is open source software and open hardware.
Our team is still working out the details for this year. Stay tuned for more details!
During the pandemic when we were remote, we built what is probably the most feature-rich CTF-focused Discord bot out-there. Our intention is to keep innovating with our bot as it greatly simplifies participants' experience. Discord is used as a platform to facilitate text and voice communication between teams and our staff. Furthermore, it has critical meme-sharing capabilities.
Check out https://nsec.io/discord for more information.
Here are few resources to help you prepare for the competition:
Back in 2023! When running the on-site CTF, we have the unique opportunity to leverage physical access. Every year we try to innovate with a dedicated physical track that combines several disciplines. Electronic voting, kiosk hacking, smartcard, lock-picking, UEFI boot tampering, etc. wrapped around a tiny layer of social engineering.
To relax after several hours of non-stop CTF action we provide a social break in the shape of a friendly Hacker Jeopardy competition. Enjoy a beer while watching your peers failing at easy questions because of "stage fright".
46 Internet Simulations1 per team
92 Windows Virtual Machines2 per team
12,543 Linux Containers272 per team
11,244 BGP Router244 per team
3,647,800 IPv6 routing table entries79300 per team
100+ ChallengesChanging every year