Competition (CTF): May 17-18, 2018



Our applied security contest (also called CTF as in "Capture The Flag") opposes 50 teams of 8 people trying to obtain the most points by capturing flags.

Those flags typically are secret messages hidden in different challenges.

The Challenges will be available to teams through a web portal on their own private contest network, they are not authorized to attack each other (it's not a red/blue team type of contest), they compete to have the most points on the leaderboard.



Challenges proposed will be from multiple security fields including:
networking, web application, binary reverse engineering, data forensics, hardware hacking, and more.


Getting prepared

Here are few resources to help you prepare for the competition:


  • RingZer0Team: Many challenges from NorthSec previous editions are hosted on this platform.
  • OWASP Vulnerable Web Application Directory: List of vulnerable web applications to test online or offline.
  • MontreHack: Montly 3 hours mini-CTF held third monday of every month
  • Learning

  • CTF Write-ups Archive: Great source of inspiration for methodology and tool usage based on actual CTF.
  • Reddit /netsec: Blog posts, white papers and news articles related to the latest trends in information security.
  • (archive): Great place to sharpen your reverse engineering skills.

  • Infrastructure

    46 Internet Simulations

    1 per team

    92 Windows Virtual Machines

    2 per team

    12,543 Linux Container

    272 per team

    11,244 BGP Router

    244 per team

    3,647,800 IPv6 routing table entries

    79300 per team

    100+ Challenges

    Changing every year