In the domain of information security, Capture The Flag (CTF) is a game-like competition where participants are required to attack and defend computer systems in a controlled environment and in a legal way. Various problem solving tasks require from players knowledge in reverse engineering, web application analysis, cryptanalysis, forensics and exploit development among others.

There are mainly two types of CTF competitions:

  • In *Jeopardy-style* competitions participants are given a number of tasks or problems in various categories and points are awarded for problem solving with respect to the task difficulty. The ranking is established according to points obtained by the teams or individual players.
  • In an *Attack-defense* competition participants are provided with vulnerable environments which they need first to analyse and patch. Afterwards teams environments are interconnected and every team would try to exploit each other services and gain points. The team who gets compromised looses points. 

Many CTF competitions are organised regularly online and locally. It is a good educational experience and a perfect way to learn and practice your skills in different security areas in real-world scenarios. 

Contest details

Faithful to last year edition and to other major information security events, we would like to offer our participants a mini-CTF event on Tuesday Nov 2, 2016 from 4:30 pm till 7:30 pm. This is a Jepoardy-style CTF meaning that participants will be required to solve challenges in different categories (binary analysis, exploitation, forensics, web). 


  • The participation to the Y-NOT-CTF is open to everyone, conference participants and externals alike. 
  • The participation is free.


  • Number of participants is limited to 60.
  • Each participant should register himself by subscribing a free ticket.
    See the page Registration.

Team compositions:

  • You can participate individually or by team
  • The final registration of yourself/your team is done at the beginning of the CTF. We do not need to know the composition of the teams before the CTF.

Further details:

  • You can only participate locally from #CYBSEC16 network. 
  • No network scan. Stick to challenge IPs.
  • No attacks on other players. 
  • No voluntary Denial-Of-Service of CTF infrastructure.


  • The 3 top teams/players will be awarded some cool prizes. 


Why not? 

Organizing partners