Welcome to the Forum of Incident Response and Security Teams - CTF platform

About the CTF

The FIRST Challenge is a series of technical problems designed to provide a fun opportunity to utilize creative technical problem solving abilities to solve incident response inspired challenges.

This specific instance offer challenges that were previously offered and new challenges for fun and trainings.

Categories of challenges may include:
  • network,
  • cryptography,
  • reverse engineering,
  • programming,
  • miscellaneous,
  • puzzle and others.

Who is creating the CTF?

Challenges are made possible with the generous support from the FIRST staff, FIRST community and FIRST SecLounge SIG volunteers

FIRST Challenge Details

Important annnoucements made during the challenge will be automatically pushed out in real time to all clients connected to the framework website on all pages of the website (with an audible alert). There is no need to continually refresh the page to receive notifications. All previous notifications are published on the framework website under the "Notifications" page. Participants are encouraged to monitor this page for important announcements during the challenge.

Additionally, announcements may be made via the Slack collaboration platform. All participants are encouraged to monitor and participate in both the public channel as well as their Team's channel(s) for relevant information related to the Challenge.

Each challenge has a point value (100-500 points) that is awarded upon successful completion. There is no bonus or penalty for the order in which challenges are solved. All pariticpants will receive the same number of points for each solve.

Team rankings are determined first by score and then by the order in which the latest challenge was solved (e.g.: in the event of a tie). If more than one team has the same score, the team rankings will be determined by the timestamp on the latest correct challenge submission. In this case, the team with the oldest timestamp is ranked the highest.

Many challenges have hints available to assist in solving the challenge. Usage of a hint has an associated point cost. Hints may be "purchased" for the specified amount provided a team has already earned enough points by solving other challenges. The hint cost will be deducted from the team's score. In general, the higher the cost of the hint, the more helpful it is intended to be.

Be patient, persistent and don't give up!


  • Pay close attention to answers to the challenges, especially regarding spaces and special characters.
  • Challenges that are multi-part may not have some parts visible until the previous part is solved (the challenge part number is inidcated in the title).
  • All challengenes are designed to be solvable using standard free or open source tools. A standard Linux workstation or forensics focused VM (such as REMNUX or SIFT) should be sufficient.
  • The organisation team (SIG SecLounge) reserve the right to exclude any member engaged in an activity deemed inappropriate. Any dispute will be resolved by the SIG SecLounge members.

Have fun!