Mark your calendars! Hackfest 2023 is scheduled for June 23, 2023, at Elghazela Technopark. Stay tuned!

Hackfest

National Cybersecurity Competition

Find Out More

Hackfest is a Capture The Flag (CTF) competition

Hackfest is an annual cybersecurity event initally hosted by the Higher School of Communication (SUP'COM). Since 2015, it has brought together cybersecurity experts, businesses, and students under one roof. After huge success in previous editions, Hackfest is back for its 7th edition this year at Technopark El Gazala. This year is noteworthy since Hackfest will be contested in two stages: qualifiers on June 10th and finals on June 23rd.

The CTF consists of two phases: a qualification round and a final round. During the qualification round, contestants will compete individually to win a slot for the final round. Only 80 contestants will qualify for the finals. The final round is a multi-team hacking challenge in which teams compete independently to win prizes
The National Cybersecurity CTF Competition is meant for both beginners and experienced contestants, and it consists of tasks ranging from simple to extremely difficult in various categories:

Cryptography

 In this category, you'll attack poorly implemented crypto, outdated crypto, or use well-known vulnerabilities to attack encrypted messages. You might be given for example a few RSA keys whose modulus share a factor, and you decrypt a message encrypted by one of these keys

Binary Exploitation

 The program you received is running as a service on a remote machine. Reverse-engineer it, figure out its vulnerability, and use that to take exploit the remote service into serving you a flag. Often, there's a flag.txt you can get the program to read, or perhaps it has a flag in memory you need to get it to accidentally send you.

Web Exploitation

 These challenges involve attacking common vulnerabilities in web technology. For example, you might need to use SQL injection to read the "secret_flag" table of a database, use directory traversal to get a web server to serve you "flag.txt", use Cross-Site Scripting to trick a simulated user to send you their password, or bypass some client-side checks implemented by obfuscated javascript

Reverse Engineering

 In this category You'll receive a program, but not the source, so you need to disassemble it, look at the assembly, and figure out what it does. Programs can be x86 Windows, x86 Linux, ARM Linux, obfuscated Java, and a whole bevy of more obscure formats

Forensics

 This is a fairly broad category. You might receive an image of a disk in FAT format, and you'll need to un-delete "flag.txt". Maybe you receive a zip file, that contains a 7z file, that contains a tar archive, that contains some obscure file format you've never heard of, and unpacking the entire chain eventually gives you a flag.

IoT

 These challenges involve attacking Embedded/IoT devices. You might receive an Arduino board, and you'll need to dump and analyse a firmware. Maybe you receive a binary program, that contains memory management vulnerability, exploiting the entire flow gives you a priviliged access to read files.
If you have any questions, please feel free to contact Maro at maroueneboubakri[]gmail[]com !

Join the challenge

Hosts

The 2k23 Hosts

We are pleased to announce that SUP'COM will be hosting Hackfest'7. As part of our commitment to ensuring the success of this event, we have entrusted the financial management to ADSUP. They will be responsible for overseeing the budget, managing expenses, and ensuring that the event stays within its financial parameters.

SUP'COM

Higher School of Communication of Tunis or Engineering School of Communication of Tunis, founded in 1998, is the main school of educating engineers in telecommunications in Tunisia. It is affiliated to the University of Carthage and occupies the advanced ranks in the competitive examination for the access to the engineering studies. As a school of national elites, Sup’Com evenly benefits from the tutelage of both, the Ministry of Higher Education and Scientific Research and the Ministry of Information and Communication Technology. Member of the Réseau Méditerranéen des Ecoles d'Ingénieurs (Mediterranean engineering schools’ network), Sup’Com was admitted since December 2008 as an associated member in the Conférence des Grandes Écoles (CGE), it is furthermore the first foreign school to be associated internationally with the Institut Mines-Télécom.

ADSUP

created on 11/01/2011 following an initiative by a group of Sup'Com alumni. AdSup aims to bring together and maintain contact between graduates of Sup'Com. The association has set the following objectives:

  • Encourage professional and friendly relationships among Sup'Com graduates.
  • Facilitate the integration, improvement, and career advancement of its members in professional life.
  • Promote the image of Sup'Com and its degrees.
  • Promote information and communication technologies (ICT).
  • Strengthen cooperation with organizations with similar objectives and working in the field of ICTs.

What to bring, how to compete...

How to participate

Team

Team size is limited to 4

Laptop

Bring your own laptop! We also recommend you come with a smartphone and multi-sockets

Software

Bring your favorite software (disassemblers, development tools, hexadecimal viewers, virtual machines, kali etc)

Wifi

Challenges will be accessible via wifi. Make sure you can access wifi on your laptop.



See Details

Schedule

The 2k23 program

  • CTF Qualification Round

    CTF Qualification Round

    The CTF Qualification Round is an online event lasting 12 hours, where registered players compete to solve challenges across various categories. Top 60 contestants proceed to the Final Round.

  • CTF Final Round

    CTF Final Round

    The CTF Final Round is a 12-hour on-site competition where selected contestants compete in teams. Held overnight, the competition fosters a distraction-free environment for hackers to focus and collaborate.

Sponsorship

The 2k23 sponsors

Hackfest is supported by a range of sponsors, including both local and international companies. It typically takes place over a weekend and attracts a diverse range of participants, from students and recent graduates to experienced professionals in the Cybersecurity field.

Be a part of the excitement at Hakfest 2023 by becoming a sponsor! Take a look at our sponsorship file to learn more about the amazing opportunities available to you. Then, reach out to us at ctfhackfest (at) gmail (dot) com to get started. Let's make this year's hacking festival the best one yet!


Past sponsors

Organizing committee

Marouene Boubakri (maro)

CTF
Marouene Boubakri (maro) CTF

Chadha Sridi

Media
Chadha Sridi Media

Roua Ben Mimoun

Media Manager
Roua Ben Mimoun Media Manager

Amine Manai

Human Ressources
Amine Manai Human Ressources

Anis Ouersighni

Sponsoring
Anis Ouersighni Sponsoring

Achref ABIDI

Logistics
Achref ABIDI Logistics

Youssef Makhlouf

Media
Youssef Makhlouf Media

Melek Salaani (layka_)

CTF
Melek Salaani (layka_) CTF

Amel Rami

Media
Amel Rami Media

Moetez Afif

Technical
Moetez Afif Technical

Rami Abidi

Designer
Rami Abidi Designer

Iyed Mejri (Wingz)

CTF
Iyed Mejri (Wingz) CTF

Knani Alaaeddine (iwd)

CTF
Knani Alaaeddine (iwd) CTF

Portfolio

Previous editions

2021

The sixth edition of Hackfest!

 Hackfest 2021 archive

2018

The fifth edition of Hackfest

 Hackfest 2018 archive

2017

The fourth edition of Hackfest

 Hackfest 2017 archive

2016

The third edition of Hackfest

 Hackfest 2016 archive

2015

The first edition of Hackfest

 Hackfest 2015 archve


View Larger Map

Directions

The event is located on the ElGazala Technopark
GPS: latitude: 36.8924933, longitude: 10.1871238

Car

A1 highway: Exit from RN8, Take Av. Fethi Zouhir. Keep right to continue toward Av. Fethi Zouhir, At the roundabout, take the 1st exit. Recommend parking: Parking in front of the conference space.

Airport

From Airport Carthage Tunis: Upon exiting the airport, you will find a taxi stand where you can hire a licensed taxi. Inform the taxi driver that you would like to go to El Ghazala Technopark. The taxi driver will take the most direct route to the technopark, which is usually via the A1 highway.

Tramway

Take the Tram line 2 towards Ariana. Get off the TGM at "10 Décembre" station. Take a local bus (bus number 27A) that goes to El Ghazala Technopark.

Bus

To go from Tunis to El Ghazala Technopark using public transportation, you can take the public bus number 527 from Jean-Jaurès in Tunis or bus number 27A from Ariana.