Mark your calendars! Hackfest 2023 is scheduled for June 23, 2023, at Elghazela Technopark. Stay tuned!


National Cybersecurity Competition

Find Out More

Hackfest is a Capture The Flag (CTF) competition

Hackfest is an annual cybersecurity event initally hosted by the Higher School of Communication (SUP'COM). Since 2015, it has brought together cybersecurity experts, businesses, and students under one roof. After huge success in previous editions, Hackfest is back for its 7th edition this year at Technopark El Gazala. This year is noteworthy since Hackfest will be contested in two stages: qualifiers on June 10th and finals on June 23rd.

The CTF consists of two phases: a qualification round and a final round. During the qualification round, contestants will compete individually to win a slot for the final round. Only 80 contestants will qualify for the finals. The final round is a multi-team hacking challenge in which teams compete independently to win prizes
The National Cybersecurity CTF Competition is meant for both beginners and experienced contestants, and it consists of tasks ranging from simple to extremely difficult in various categories:


In this category, you'll attack poorly implemented crypto, outdated crypto, or use well-known vulnerabilities to attack encrypted messages. You might be given for example a few RSA keys whose modulus share a factor, and you decrypt a message encrypted by one of these keys

Binary Exploitation

The program you received is running as a service on a remote machine. Reverse-engineer it, figure out its vulnerability, and use that to take exploit the remote service into serving you a flag. Often, there's a flag.txt you can get the program to read, or perhaps it has a flag in memory you need to get it to accidentally send you.

Web Exploitation

These challenges involve attacking common vulnerabilities in web technology. For example, you might need to use SQL injection to read the "secret_flag" table of a database, use directory traversal to get a web server to serve you "flag.txt", use Cross-Site Scripting to trick a simulated user to send you their password, or bypass some client-side checks implemented by obfuscated javascript

Reverse Engineering

In this category You'll receive a program, but not the source, so you need to disassemble it, look at the assembly, and figure out what it does. Programs can be x86 Windows, x86 Linux, ARM Linux, obfuscated Java, and a whole bevy of more obscure formats


This is a fairly broad category. You might receive an image of a disk in FAT format, and you'll need to un-delete "flag.txt". Maybe you receive a zip file, that contains a 7z file, that contains a tar archive, that contains some obscure file format you've never heard of, and unpacking the entire chain eventually gives you a flag.


These challenges involve attacking Embedded/IoT devices. You might receive an Arduino board, and you'll need to dump and analyse a firmware. Maybe you receive a binary program, that contains memory management vulnerability, exploiting the entire flow gives you a priviliged access to read files.
If you have any questions, please feel free to contact Maro at maroueneboubakri[]gmail[]com !

Join the challenge


The 2k23 Hosts

We are pleased to announce that SUP'COM will be hosting Hackfest'7. As part of our commitment to ensuring the success of this event, we have entrusted the financial management to ADSUP. They will be responsible for overseeing the budget, managing expenses, and ensuring that the event stays within its financial parameters.


Higher School of Communication of Tunis or Engineering School of Communication of Tunis, founded in 1998, is the main school of educating engineers in telecommunications in Tunisia. It is affiliated to the University of Carthage and occupies the advanced ranks in the competitive examination for the access to the engineering studies. As a school of national elites, Sup’Com evenly benefits from the tutelage of both, the Ministry of Higher Education and Scientific Research and the Ministry of Information and Communication Technology. Member of the Réseau Méditerranéen des Ecoles d'Ingénieurs (Mediterranean engineering schools’ network), Sup’Com was admitted since December 2008 as an associated member in the Conférence des Grandes Écoles (CGE), it is furthermore the first foreign school to be associated internationally with the Institut Mines-Télécom.


created on 11/01/2011 following an initiative by a group of Sup'Com alumni. AdSup aims to bring together and maintain contact between graduates of Sup'Com. The association has set the following objectives:

  • Encourage professional and friendly relationships among Sup'Com graduates.
  • Facilitate the integration, improvement, and career advancement of its members in professional life.
  • Promote the image of Sup'Com and its degrees.
  • Promote information and communication technologies (ICT).
  • Strengthen cooperation with organizations with similar objectives and working in the field of ICTs.

What to bring, how to compete...

How to participate


Team size is limited to 4


Bring your own laptop! We also recommend you come with a smartphone and multi-sockets


Bring your favorite software (disassemblers, development tools, hexadecimal viewers, virtual machines, kali etc)


Challenges will be accessible via wifi. Make sure you can access wifi on your laptop.

See Details


The 2k23 program

  • CTF Qualification Round

    CTF Qualification Round

    The CTF Qualification Round is an online event lasting 18 hours, where registered players compete to solve challenges across various categories. Top 60 contestants proceed to the Final Round.

  • CTF Final Round

    CTF Final Round

    The CTF Final Round is a 12-hour on-site competition where selected contestants compete in teams. Held overnight, the competition fosters a distraction-free environment for hackers to focus and collaborate.


The 2k23 sponsors

Hackfest is supported by a range of sponsors, including both local and international companies. It typically takes place over a weekend and attracts a diverse range of participants, from students and recent graduates to experienced professionals in the Cybersecurity field.

Be a part of the excitement at Hakfest 2023 by becoming a sponsor! Take a look at our sponsorship file to learn more about the amazing opportunities available to you. Then, reach out to us at ctfhackfest (at) gmail (dot) com to get started. Let's make this year's hacking festival the best one yet!

Past sponsors

Organizing committee

Marouene Boubakri (maro)


Chadha Sridi

Chadha Sridi Media

Roua Ben Mimoun

Media Manager
Roua Ben Mimoun Media Manager

Amine Manai

Human Ressources
Amine Manai Human Ressources

Anis Ouersighni

Anis Ouersighni Sponsoring

Achref ABIDI

Achref ABIDI Logistics

Youssef Makhlouf


Melek Salaani (layka_)


Amel Rami

Amel Rami Media

Moetez Afif

Moetez Afif Technical

Rami Abidi

Rami Abidi Designer

Iyed Mejri (Wingz)


Knani Alaaeddine (iwd)


Badreddine Chamkhi (retr0)



Previous editions

View Larger Map


The event is located on the ElGazala Technopark
GPS: latitude: 36.8924933, longitude: 10.1871238


A1 highway: Exit from RN8, Take Av. Fethi Zouhir. Keep right to continue toward Av. Fethi Zouhir, At the roundabout, take the 1st exit. Recommend parking: Parking in front of the conference space.


From Airport Carthage Tunis: Upon exiting the airport, you will find a taxi stand where you can hire a licensed taxi. Inform the taxi driver that you would like to go to El Ghazala Technopark. The taxi driver will take the most direct route to the technopark, which is usually via the A1 highway.


Take the Tram line 2 towards Ariana. Get off the TGM at "10 Décembre" station. Take a local bus (bus number 27A) that goes to El Ghazala Technopark.


To go from Tunis to El Ghazala Technopark using public transportation, you can take the public bus number 527 from Jean-Jaurès in Tunis or bus number 27A from Ariana.