Capture the Flag
12:00 PM October 25th – 3:00 PM October 26th
Solo or Groups (up to 6 people per team)
This year, the CTF has been created and is hosted by, one of our very own board members- Benny Karnes. Benny has been helping with SecureWV since the early days, when it was called Hack3rCon. This year’s CTF is a departure from some of the other CTFs Benny has done in the past as it is not a Network King of the Hill (NkotH) or a Cyber Range event. This year, the CTF will be a Jeopardy-style CTF, covering the OWASP Top 10 items and will include the following catagories:
- Broken Access Control
- Cryptographic Issues
- Hack3r History
- Improper Input Validation
- Insecure Deserialization
- Miscellaneous
- OSINT
- Security Misconfiguration
- Security through Obscurity
- Sensitive Data Exposure
- XSS
- XXE
To play the CTF, we recommend players use a laptop that has a Virtual Manager installed (VirtualBox or VMWare Player) with a Kali or ParrotOS VM set up. Chromebooks or NetBooks will not work for the CTF.
Also, Players will need to have the NetBird VPN Client installed in your VM of choice (see above). See the NetBird documentation for installation: https://app.netbird.io/install. If you are using Kali or ParrotOS as your VM, you will need the Linux tab: has done in the past as it is not a Network King of the Hill (NkotH) or a Cyber Range event. This year, the CTF will be a Jeopardy-style CTF, covering the OWASP Top 10 items and will include the following catagories:
NetBird is a Zero Trust VPN solution we are using for accessing the CTF network. Players will be given a connection code (Setup Key) on Friday of SecureWV and will be available in the CTF room.
The CTF room will open at 9 am on the Friday of SecureWV, but the actual CTF will only run from
Noon on Friday, Oct. 25th, until 3pm Saturday Oct. 26th