Cybersecurity Competitions
2022 Summer Social Engineering Event
Deadline for the 2022 Summer Social Engineering event is tomorrow, 4/30 at 12pm ET.
Theme: The CARE Lab is hit with ransomware
Website: https://sites.temple.edu/socialengineering/2022-se/ransomware/
Platform: Virtual (Zoom)
Fee: The event is FREE!
Who: high school, undergraduate, graduate Where: students from all over the world are
eligible
Deadline: 4/30 at 12pm ET
US Cyber Challenge: Cyber Quests
Description: Cyber Quests are a series of fun but challenging on-line competitions allowing participants
to demonstrate their knowledge in a variety of information security realms. Each quest
features an artifact for analysis, along with a series of quiz questions. Some quests
focus on a potentially vulnerable sample web server as the artifact, challenging participants
to identify its flaws using vulnerability analysis skills. Other quests are focused
around forensic analysis, packet capture analysis, and more. The quests have varying
levels of difficulty and complexity, with some quests geared toward beginners, while
others include more intermediate and ultimately advanced material.
Organizer(s): Counter Hack Challenges LLC.
Frequency: Every Spring
Website/contact information: https://uscc.cyberquests.org/
Next event date/location: Spring 2022
DEF CON
Description: DEF CON (also written as DEFCON, Defcon or DC) is one of the world's largest and most
notable hacker conventions, held annually in Las Vegas, Nevada. The first DEF CON
took place in June 1993 and today many attendees at DEF CON include computer security
professionals, journalists, lawyers, federal government employees, security researchers,
students, and hackers with a general interest in software, computer architecture,
hardware modification, conference badges, and anything else that can be "hacked".
The event consists of several tracks of speakers about computer- and hacking-related
subjects, as well as cyber-security challenges and competitions (known as hacking
wargames). Contests held during the event are extremely varied, and can range from
creating the longest Wi-Fi connection (aircrack-ng) to finding the most effective
way to cool a beer in the Nevada heat.
Other contests, past and present, include lockpicking, robotics-related contests,
art, slogan, coffee wars, scavenger hunt and Capture the Flag. Capture the Flag (CTF)
is perhaps the best known of these contests and is a hacking competition where teams
of hackers attempt to attack and defend computers and networks using software and
network structures. CTF has been emulated at other hacking conferences as well as
in academic and military contexts (as red team exercises).
Federal law enforcement agents from the FBI, DoD, United States Postal Inspection
Service, DHS, us-cert.gov, and other agencies regularly attend DEF CON.
Organizer(s): DEF CON Communications, Inc.
Frequency: Annual
Website/contact information: https://www.defcon.org/
Next event date/location: Def Con - August, 2022, Las Vegas
NYU-CSAW (Cyber Security Awareness Week)
Description: Designed as an entry-level CTF, this competition requires players to integrate concepts,
develop skills, and learn to hack as they go. Challenges mimic real-world scenarios
modeling various computer security problems. To succeed, teams must demonstrate a
profound understanding of the roles and ramifications of cyber security in these situations.
Topics include Pwnable, RE, Web, Crypto, and Forensics.
The top teams to emerge from Quals will compete on-site at one of CSAW's global regions,
vying for the coveted top three places.
Organizer(s): NYU Tandon School of Engineering OSIRIS Lab (https://www.osiris.cyber.nyu.edu/)
Frequency: Annual (April – November)
Website/contact information: https://csaw.engineering.nyu.edu/ctf
Next event date/location: Spring 2022, location varies
Southeast CPTC
Description: The Collegiate Penetration Testing Competition (CPTC), has grown from one region
(ten teams) to five regions (fifty teams) including an international region as well.
The CPTC provides a vehicle for up and coming cybersecurity student teams to build
and hone the skills required to effectively discover, triage and mitigate critical
security vulnerabilities. This competition is unique in offering a simulated environment
that mimics real world networks. The competition focuses on improving the security
posture of a fictitious organization and reporting on risks in a manner that is similar
to a real professional environment.
Organizer(s): Rochester Institute of Technology
Frequency: Every Fall
Website/contact information: https://nationalcptc.org/
Next event date/location: October - TBD
National Cyber League
Description: The National Cyber League (NCL) is a biannual cybersecurity competition for high
school and college students. The competition consists of a series of challenges that
allows students to demonstrate their ability to identify hackers from forensic data,
break into vulnerable websites, recover from ransomware attacks, and more. Students
compete in the NCL to build their skills, obtain scouting reports of their performance
for hiring purposes, and to represent their school.
The NCL challenges are based on the CompTIA Security+™ and EC-Council Certified Ethical
Hacker (CEH)™ performance-based exam objectives and include the following content:
Open Source Intelligence, Scanning, Enumeration and Exploitation, Password Cracking,
Traffic Analysis, Log Analysis, Wireless Security, Cryptography, and Web Application
Security.
Organizer(s): National Cyber League
Frequency: Biannual Website/contact information: https://www.nationalcyberleague.org/
Next event date/location: Winter 2022 Season Registration - check the site
Facebook Capture the Flag Competition
Description: A Capture the Flag (CTF) event is a computer security competition that encourages
players to solve security puzzles in a safe and controlled environment. The goal of
these events is to further the education of security professionals and to promote
Facebook's security culture. CTFs typically consist of challenge "levels" that represent
real security issues found in networks and systems. The players will compete with
each other, often in teams, to see who can solve these levels first and thereby win
valuable points to progress up a leader-board. At the end of the game the team with
the most points is declared the winner.
The Facebook CTF builds on years of experience and combines classic attack techniques
of penetration testing with defensive levels that require teams to patch the security
flaws that they find to prevent other teams from exploiting them. In doing this they
learn both offensive and defensive security skills while gaining points in a fast-paced
real-time game. It provides levels that include challenges in reverse-engineering,
web application security, network sniffing and basic system administration. The goal
is to expose players to the most common methods hackers use to break into systems,
and then to think about how they would defend against these attacks.
Facebook CTFs are played in an isolated network that ensures that all of the players
are on a level playing field. Facebook builds the game and the levels and welcomes
players from all backgrounds and abilities to play!
Organizer(s): Facebook
Frequency: N/A
Website/contact information: https://www.facebook.com/officialctf and https://github.com/facebook/fbctf
Next event date/location: Check the site for upcoming dates
Department of Energy CyberForce Competition
Description: The Department of Energy (DOE), capitalizing on the expertise of current national
laboratory staff that previously hosted four successful cyber defense competitions
to exercise interactive, scenario-based events, where teams engage in cybersecurity
activities includes methods, practices, strategy, policy, and ethics. Through the
CyberForce Competition™, DOE has worked to increase 1) hands-on cyber education to
college students and professionals, 2) awareness into the critical infrastructure
and cyber security nexus, and 3) basic understanding of cyber security within a real
world scenario.
Organizer(s): US Department of Energy (DOE)
Frequency: At least once a year
Website/contact information: https://cyberforcecompetition.com
Next event date/location: November at one of the DOE national laboratories