We are excited to announce that there will be two Capture The Flag competitions at the Diana Initiative this year!

Welcome to the Capture the Flag  (CTF) competition at The Diana Initiative (TDI)! We have lots to offer players of all backgrounds and levels.

This year we are offering two different CTFs which will run during our one day event, August 5, 2024.

Security Innovation –CMD&CTRL CTF

Cyber Skyline, Inc in conjunction with the National Cyber League (NCL)

Want to tap into your inner evildoer and test your skills in hunting down web application vulnerabilities?

If so, immerse yourself in the industry’s most authentic environment where players exploit their way through hundreds of vulnerabilities that lurk in business applications today. Success means learning quickly that attack and defense is all about thinking on your feet. For each vulnerability you uncover, you are awarded points. Climb the interactive leaderboard as you vie for the top spot! The CMD+CTRL Cyber Range is ideal for anyone interested in learning how web applications are attacked, furthering their cybersecurity acumen, or honing the skills needed to protect the enterprise. From curious bystanders to active practitioners to Risk and Security Executives, there’s something for everyone.

The mission of the NCL is to prepare the next generation of cybersecurity professionals by providing high school and college students, as well as their coaches, an online, safe platform of real-world cybersecurity challenges. We build pathways for students that lead to successful career placements in the cybersecurity field.

What is a CTF?

Capture the Flag (CTF) is a type of cybersecurity competition where participants engage in challenges designed to test their skills in various aspects of information security. The term “Capture the Flag” originates from traditional outdoor games where opposing teams compete to capture each other’s flag.

In the context of information security, a CTF typically involves teams or individuals solving a series of tasks or puzzles related to cybersecurity. These challenges can cover a wide range of topics, including but not limited to:

  1. Cryptography: Tasks involving encryption, decryption, and code-breaking.
  2. Reverse Engineering: Participants are given binary executables or firmware to reverse engineer and find vulnerabilities or secrets.
  3. Web Security: Challenges related to web application security, such as finding and exploiting vulnerabilities like SQL injection, cross-site scripting (XSS), or insecure direct object references (IDOR).
  4. Forensics: Analyzing data or digital artifacts to uncover hidden information or solve a mystery.
  5. Steganography: Finding hidden messages or data within files, images, or other media.
  6. Network Security: Tasks focused on analyzing network traffic, identifying vulnerabilities, or exploiting misconfigurations.
  7. Binary Exploitation: Participants analyze and exploit vulnerabilities in binary programs, such as buffer overflows or format string vulnerabilities.

The goal of each challenge is to “capture the flag,” which is typically a secret or a token that proves the completion of the task. Participants must use their problem-solving skills, technical knowledge, and creativity to solve the challenges and collect as many flags as possible within the time limit.

CTF competitions can vary in format and difficulty level. Some CTFs are designed for beginners, while others target experienced cybersecurity professionals. Additionally, CTFs often provide a platform for participants to learn and improve their skills, as well as an opportunity to showcase their talents to potential employers or peers within the cybersecurity community.

How do I participate?

Participate in our virtual CTF 101 events prior to the conference to learn more about each platform. Register for the event(s) you wish to participate. The CTF platforms will be open for play on the day of The Diana Initiative conference. Stay tuned for more information about the virtual CTF 101 events.

What are the prizes?

  • One team winner – training vouchers from [TCM Security]
  • One individual winner – OnDemand SANS Offensive Operations course at no cost from [SANS]
  • More to be announced!
  • Did you want to donate a prize, let us know!

Thank you to our sponsors!

Prize Sponsors:

CTF Sponsors: