DEF CON Contests List

Various contests, some lasting all 4 days of DEF CON, some short time on stage.

DEF CON Contests Short Table

defcon.org Contests page



?Cube

Contest Map Page – LVCCW Level 1 Hall 1-109 (?Cube)

Redefining Boundaries. Enhancing Connectivity. Institutionalizing Control – Aperture Inc. continues to push the limits of innovation and remains committed to providing value to both stakeholders and our “customers.”

Controls are stricter. Telemetry is richer. Oversight has improved. Intelligence has emerged. Aperture has expanded—new industries, new platforms, new technologies quietly embedded into the fabric of our everyday lives. Each integration promises resilience. Every layer introduces complexity. And complexity always creates opportunity…

At the center of it all remains the ?Cube. Its defenses have hardened, its architecture improved, its surface area widened. It’s an ecosystem of physical security, web applications, communications systems, cryptography, and oh so much more.

For those already familiar—welcome back. For those encountering it for the first time, orientation will be … brief. But don’t fear, anyone can join the challenge. You will be entering an environment that demands curiosity across physical security, web applications, communications systems, cryptography, and, of course, the great unknown. Each layer builds on the last. Small oversights become structural weaknesses.

Form a team with range. Specialists matter. Coordination and curiosity matter more. The objective is simple: reach the center. If the core remains uncompromised, the team that advances the deepest into its labyrinth of challenges will be the winner. Advancement will require persistence. Errors and missteps will have consequences. Progress will not be accidental.

Welcome to the ?Cube.

Prerequisites

A laptop will be highly recommended in order to interact with the technologies. Teams will be required.

Lockpicks, RFID tools (e.g., Proxmark/Flipper), and other “hacking” devices are recommended but not required.

Links:
    Website – https://0x3fcube.com



$$$$$_<CAPTURE_THE_COIN>_$$$$$

Contest Map Page – LVCCW Level 2 W204-205 (Payment Village)

We’re bringing real-world payment hacking straight to DEF CON. This contest merges hardware hacking, cryptanalysis, mobile app forensics, physical security, offensive security and social engineering into one glorious, chaotic CTF. No system is sacred! If it moves, stores or processes money, it’s fair game.

From magstripes to mobile wallets, POS systems to online banking, ATMs to NFC payments, if it touches money, we’re messing with it. Your mission: reverse, break, manipulate, and exploit, all in the name of exploration!

Expect challenges where you’ll clone, decrypt, spoof, MITM, inject, and maybe even get a card to spill its deepest, darkest secrets. Want to mess with a banking app? We got you. Think your RFID cloning skills are solid? Prove it. Ever wondered if you can bypass chip-and-PIN protections? Let’s find out! So, whether you’re an RFID wizard, EMV cryptography nerd, API manipulator, or into dumpster diving, there’s a challenge here for you. You might not get rich, but you’ll have fun trying!

#### Participant Prerequisites

We recommend a laptop and an android phone. However there are no prerequisites to start the challenges as many have physical interaction points in order to get started and find flags. We can loan contestants additional equipment for challenges that may require it.

#### Pre-Qualification

No pre-qualifier!

Links:
    Website – https://ctf.paymentvillage.org



$unL1ght Sh4d0w5

Contest Map Page – LVCCW Level 1 Hall 1-200 ($unL1ght Sh4d0w5)

“$unL1ght Sh4d0w5”: The Nirubi Challenge — Prove Your Agency

Systems shape the world.

Algorithms decide.

Policies enforce.

Machines execute.

Most people live inside those systems.

Hackers change them.

At DEF CON 34, where the theme is Agency, the question isn’t whether systems have vulnerabilities.

The question is who has the power to act on them.

Welcome to “$unL1ght Sh4d0w5: The Nirubi Challenge.”

Instead of hiding the system, we give you the blueprint: – A production-ready Linux cyber-physical system – Known vulnerabilities
– A working proof-of-concept exploit
– Full system disclosure

No mystery.

No guessing.

Just a cyber-physical system — and the opportunity to exercise your agency over it.

The Nirubi Mandate

Nirubi is an ancient Tamil word meaning “to prove.”

Not with theory.

Not with writeups.

With execution.

You’ve been given the knowledge.

Now prove you have the agency to act on it.

The Challenge

Your objective is simple:

Achieve remote code execution and deploy a malicious payload (e.g., ransomware payload that encrypts a sensitive file, command and control payload that takes over the cyber-physical system etc.).

Two phases.

Part 1 — Sh4d0w5 Recon

Extend the provided exploit chain and deliver a working malicious payload.

You have the vulnerabilities.

Now show us you can use them.

Part 2 — $unL1ght Horizon

If you complete Part 1, the system returns — hardened with proprietary defensive technology designed to disrupt your attack path.

Same objective.

New resistance.

Adapt your exploit and land the payload again.

The Prize

The first contestant to complete both phases wins: $10,000

Bring $unL1ght into the Sh4d0w5.

What Makes This Different

Most contests hide the system. We don’t. You’ll receive: – Full system configuration
– Vulnerability details
– A working proof-of-concept exploit

No blind recon. No guessing. Just a system, its weaknesses, and your ability to act. Because knowing about vulnerabilities is easy. Exploiting them is agency.

Rules & Eligibility

  • Contestants must be 18 years or older to participate.
  • All participants must agree to our terms and conditions, which include rules for responsible disclosure and non-disclosure agreements.
  • The contest will be held during DEF CON 34, with specific dates and times to be announced.

Additional details will be announced closer to the event.

#### Participant Prerequisites

Bring your own gear:
– Laptop and/or smartphone/tablet
– Operating system of your choice (Linux/Windows recommended) – Python
– C/C++ compiler
– Binary analysis and exploit development tools

Bring whatever tools you trust. Once the challenge begins, the system is in front of you. What happens next is up to your agency.




5N4CK3Y

Contest Map Page – LVCCW Level 1 Hall 1-101 (5n4ck3y)

AND!XOR builds electronic badges packed with hacker challenges, and we especially enjoy inventing unusual ways for people to earn them.

5n4ck3y is a retro snack vending machine that we’ve rebuilt into a network-connected CTF badge dispenser. Behind the woodgrain and glowing buttons is a hardware hacking project that connects a web-hosted CTF platform to a physical machine capable of vending badges to successful participants. Solve enough challenges and you’ll earn a dispense code. Enter the code into 5n4ck3y and the machine will reward you with a badge—assuming it’s in a good mood.

The challenges span a wide range of disciplines including hardware hacking, reverse engineering, OSINT, RF, network security, phreaking, and cryptography. Participants often learn something new at a DEF CON village, meet other hackers along the way, and then return to apply those skills to the challenges.

Once you earn a badge, the adventure isn’t over. Our badges are built to be explored, modified, and hacked long after they leave the machine.

5n4ck3y exists for one reason: to reward curiosity. Solve the puzzles, learn something new, and the machine might decide you deserve a badge.

#### Participant Prerequisites

Curiosity, persistence, access to a computer, and the willingness to RT.FM.

Our challenges are intentionally multidisciplinary and are designed to encourage exploration and collaboration. Participants will likely need to investigate hardware, software, networking, and other security topics. Many challenges are easier when working with others, so don’t be afraid to talk to people nearby or compare notes with fellow hackers.

While we won’t spoil what tools are needed this year, participants in past 5n4ck3y challenges have used a wide range of equipment including laptops, reverse engineering tools, SDR, UART adapters, hardware debuggers, soldering tools, and the occasional piece of improvised equipment.

The good news is that DEF CON is one of the best places in the world to find tools, knowledge, and people willing to help. If you don’t have something you need, chances are someone nearby does—or you can find it in a village, vendor area, or by politely asking the hacker sitting next to you.

5n4ck3y strongly encourages teamwork, creative thinking, and responsible experimentation. Snacks are optional, but curiosity is required.

Links:
    Website – https://www.andnxor.com



Adversary Wars CTF

Contest Map Page – LVCCW Level 1 Hall 2-602 (Adversary Village)

Adversary Village will be hosting “Adversary Wars CTF”, which is built around adversary attack simulation, offensive cyber security and purple team tactics. Adversary War CTF centers around mimicking enterprise infrastructure and corresponding challenges. These challenges are meant to push the participants towards adopting various TTPs that adversaries and threat actors use within a definitive time frame. Adversary Wars would have real world simulation CTF scenarios and challenges, where the adversaries can simulate attacks and learn new attack vectors, cyber threat intelligence, threat actor profiles, TTPs, techniques, etc. There would be combined exercises which include different levels of adversary emulation.

As part of the Adversary Wars Capture-the-Flag competition a fictional city would be hosted virtually as a target for the participants. Like all cities, the Adversary city too would comprise of various infrastructure components including a hospital, bank, police station, fire station, army camp, city apartments, IT companies, university, government buildings, power plant, etc.

Each building will have a complex and realistic network infrastructure that includes a wide variety of components, including Windows/Linux systems, applications, industrial systems, Active directory, cloud environments, hybrid environments, and numerous other technology systems. A complex network of interconnected organizations, assumed to have been working properly, monitored by security operations center and cyber defense systems, supposed to be hackproof, until it wasn’t. One fine day, the adversary city was breached by a threat actor. A wide variety of attacks were carried out by the threat actor, in the end they decided to shut the city for good and infected the remaining systems with ransomware.

CTF participants will need to rely on cyber threat intelligence to gather more information on the threat actor, understand and collect various attack tactics, tools, and exploits used by the adversary group. The participants will have to devise possible attack paths used by the adversary group, then simulate these activities against the target city’s various components to recreate and understand how deeply the threat actor group breached the city’s infrastructure and computer systems.

To visualize the CTF environment, the contest area will feature a miniature model of the city made using interlocking-plastic-bricks. The breached components OR organization buildings will be physically marked in the city model as the CTF progresses. This will also assist visitors and observers in understanding the contest’s progress and gaining insight into what is happening behind targeted cyber-attacks, cyberwar, etc.

Just like in previous years, winning teams in the CTF competition can expect fantastic prizes. Additionally, there will be complimentary hoodies (yes, the iconic adversary village hoodies), free t-shirts, cool stickers, village coins, badges, and various other swag for the village participants.

#### Participant Prerequisites

CTF Players will have to bring their laptops.

Links:
    Mastodon (@AdversaryVillage@defcon.social) – https://defcon.social/@AdversaryVillage
    Website – https://adversaryvillage.org



AI Art Battle

Contest Map Page – LVCCW Level 1 Hall 1-100 (Contest Stage)

When:  Friday, Aug 7, 19:00 – 20:59 PDT

This unique competition invites creative minds to dive into the world of artificial intelligence and art. The challenge is to craft the most imaginative prompts for generative AI models to create artwork.

Contestants will not be creating the art themselves; instead, they will focus on designing prompts for well-known topics that push the boundaries of creativity and innovation.

How It Works:

Select a Topic:

Contestants will choose from a list of random topics.

These could range from historical events and famous literary works to mythical creatures, futuristic landscapes, and iconic pop culture references.

Craft a Prompt:

Using their creativity, contestants will write a detailed prompt designed to guide AI models in generating original artwork. The prompts should be clear, imaginative, and offer enough detail to spark the AI’s artistic capabilities.

Submission

Each contestant will submit their prompt and the intended outcome.

AI Generation:

The submitted prompts will be fed into a generative AI art model, which will generate corresponding artworks.

A random panel will determine who the winners are.




AI Village Plays Pokemon: DEF CON Edition

Contest Map Page – LVCCW Level 1 Hall 2-603 (AI Village)

AI Village Plays Pokémon: Man And Machine

Join us for a special DEF CON spin on Pokémon. Learn how to build AI agents at the AI Village and have them compete to see who can progress the farthest in either Pokémon Fire Red or Leaf Green. You’ll learn how to design tooling for AI agents and how to train them to recognize and manage complex states and events.

Models and games will be hosted on AI Village infrastructure, and we’ll also provide laptops for those who need them. We’ve also built sample tools to help the player’s agents navigate around the game and understand battling. Each agent will have two hours each run to try and get as far as they can in the game. Feel free to try your best day or night.

#### Participant Prerequisites

Players can use their own laptops if they want, but we will have some on hand within the village for people who didn’t bring their own. Models and games will be hosted on AI Village infrastructure, so there is no minimum spec needed. Players will be building their own agents, so familiarity with Python is recommended.

Links:
    Website – https://aivillage.org/



Apex Park (Cloud Village CTF)

Contest Map Page – LVCCW Level 3 W311-W313 (Cloud Village)

Cloud Village CTF will be a jeopardy style 2 days contest where participants will have to solve challenges around Cloud infrastructure, security, recon, etc. These challenges will cover different cloud platforms including AWS, GCP, Azure, Digital Ocean, etc. We will also reward our top 3 teams with awards.​​

#### Participant Prerequisites

A laptop with unfiltered internet access and an open mind to learn with the community.

Links:
    Website – https://www.cloud-village.org/
    Mastodon (@cloudvillage_dc@mastodon.social) – https://mastodon.social/@cloudvillage_dc



Aw, man…pages!

Contest Map Page – LVCCW Level 1 Hall 1-100 (Contest Stage)

When:  Friday, Aug 7, 10:00 – 12:59 PDT

How well do you know your man pages? Find out by teaming up with up to 3 other people (or come solo and get matched up with some new friends) and play “Aw, man…pages!”. Across several rounds, your knowledge of man pages and software will be tested to the limit. Can you remember what command line flag is being described by its help text? Can you identify a tool just from a man page snippet? Can you decipher our cryptic command clues? Will you prove yourself worthy to be crowned the man page champion?

#### Participant Prerequisites

None. We will provide answer sheets and pens. Participants can form teams of up to 4 people beforehand, or at the event.




BadgeLife Trivia

Contest Map Page – LVCCW Level 1 Hall 1-209 (Badgelife Village)

Test your knowledge of the circuitry, components, protocols, RF and embedded engineering found in badges and other small electronics! This trivia competition challenges participants to demonstrate mastery of electronics fundamentals, embedded systems, and badge engineering. Teams can sign up at the beginning of the contest. The contest will start will an open “bar trivia” style contest where teams in the audience can submit answers to a set of pre-selected questions. The top teams will be invited to the stage for the final competition where teams wager points each round on randomly chosen questions from a list of categories.




Battle of the Bots: Vishing Edition

Contest Map Page – LVCCW Level 3 W317-319 (SEC Village)

In Battle of the Bots, teams push the limits of automation and social engineering by deploying human-built AI agents to conduct live vishing-style phone calls. While social engineering has traditionally relied on human creativity, persuasion, and improvisation, this contest explores what happens when those tactics are handed off to machines. Competitors design and train AI-driven agents capable of gathering information, maintaining believable conversations, and attempting to achieve specific objectives during live calls.

The contest offers a rare opportunity to watch these systems interact with real people in real time. Attendees can observe how AI handles persuasion, conversation flow, unexpected responses, and the messy unpredictability of human interaction. Some bots may demonstrate impressive adaptability, while others reveal just how difficult it is to replicate the subtle social skills that human social engineers rely on.

Battle of the Bots opens an important conversation about the future of human-focused attacks. As AI tools become more accessible, automation may increasingly play a role in reconnaissance, impersonation, and persuasion at scale. By bringing these experiments into a transparent and controlled environment at DEF CON, the community can explore both the risks and limitations of AI-driven social engineering while gaining insight into how defenders should prepare for the next evolution of the threat landscape.

Whether you’re interested in AI, social engineering, or the intersection of both, Battle of the Bots offers a glimpse into the future of hacking.

#### Participant Prerequisites

Competitors are selected in advance through our Call for AI Competitors process. Teams who wish to compete should have a basic understanding of AI prompt engineering and conversational agent design in order to develop and refine their AI-driven vishing bots. Competitors should be comfortable building prompts or systems that allow their bots to maintain dynamic conversations and attempt to achieve objectives during live calls. While prior experience with AI automation, voice systems, or social engineering concepts may be helpful, it is not required. All participants must also adhere to the competition’s Code of Ethics and contest guidelines.

#### Pre-Qualification

The contest does not use a traditional technical pre-qualifier. Instead, teams are selected through an open Call for AI Competitors process prior to DEF CON. Interested teams apply and describe their proposed AI agent and approach, and selected teams are invited to compete during the event. Additional details and application information will be published on our website (https://www.se.community/battle-of-the-bots-vishing-edition/) when the call opens.

Links:
    Website – https://www.se.community/battle-of-the-bots-vishing-edition/



Beer Chilling Contraption Contest

Contest Map Page – LVCCW Level 1 Hall 1-202 (Beer Chilling Contraption Contest)

It’s the 21st year of the BCCC and it’s the Beer Chilling Contraption Contest this year! We can finally drink! No more beverage, we are drinking beer now, and boy do we need one. This year we thought we would mix it up and have cold beer and you all could try your hand at warming it. Unfortunately, the guys in charge of getting the ice got a bit too tan walking in this Vegas sun. A different kind of ICE deported them to Botswana and in the ensuing chaos the beverage was left outside and its warm again. Fortunately for everyone involved, WW3 and the inevitable nuclear winter will finally solve the warm beer problem — well at least temperature-wise. It might be a little HOT in the gamma spectrum. But while we wait for Pooh Bear, BiBi, Putler, and or the Cheeto to kick this global cooling contraption off, its up to us to chill this beer.

You will cool the beer we give you in a red solo cup as quickly as possible to 34 degrees F. You may not alter the beer by mixing it with ice, dry or otherwise. You may bring a device you created or build your own at the convention. There are some great prizes waiting, mostly what I have lying around and don’t want to take home. There are some additional rules, check the DEFCON forums or the poster board at the contest!

In conclusion, it’s not just a warm beverage—it’s a testament to the rich tapestry of societal collapse, seamlessly navigating the multifaceted landscape of your broken contraption.

#### Participant Prerequisites

  • A commitment to the sanctity of the unadulterated beverage. – A complete disregard for the health a safety of one’s self, good design principals, and the laws of physics generally.
Links:
    Website – https://dcbccc.com/



Blacks In Cybersecurity Game Night Extravaganza!

Contest Map Page – LVCCW Level 3 W322-W324 (BIC Village)

Gamers Unite! Come join the BIC Village team to engage with one another, unplug and find some friendly competition! Come demonstrate your skill in the games of spades, uno and corn hole with competitive brackets as well as beginner friendly matches. Whether you’re into board games, card games or classic party games, there’s something for everyone here! Bring your game face and get ready for a night of fun, laughter and connection.This event will feature different skill levels to ensure inclusivity and feature a fun prize.

Links:
    Mastodon (@blacksincyber@defcon.social) – https://defcon.social/@blacksincyber
    Website – https://www.blacksincyberconf.com/bic-village
    Mastodon (@blacksincyber@infosec.exchange) – https://infosec.exchange/@blacksincyber



Blacks In Cybersecurity Village Capture The Flag Competition

Contest Map Page – LVCCW Level 3 W322-W324 (BIC Village)

The Blacks In Cybersecurity (BIC) Village Capture The Flag contest is a jeopardy style event designed to practice solving challenges in multiple categories. This event seeks to not only be a series of puzzles and challenges to solve but, a gamified way to learn concepts of social justice, emerging technology and Black history. At DEF CON 34 the BIC Village CTF team will take you to the campus of Alaafia State University (Go Firebirds!) with a special history and an even more promising future!

#### Participant Prerequisites

Participants may want to bring their own laptops, physical security tools, lock picks, hardware hacking tools or other supplies to interact with both of our physical and virtual set-ups.

Links:
    Mastodon (@blacksincyber@infosec.exchange) – https://infosec.exchange/@blacksincyber
    Website – https://www.blacksincyberconf.com/ctf
    Mastodon (@blacksincyber@defcon.social) – https://defcon.social/@blacksincyber



Blue Team Village CTF

Contest Map Page – LVCCW Level 2 W213-217 (Blue Team Village)

Blue Team Village (BTV) is a hands-on cybersecurity community focused on defenders, the professionals and aspiring practitioners who protect systems, networks, and people from real-world threats. We exist to make defensive security accessible, practical, and collaborative.

We build immersive labs and capture-the-flag (CTF) environments that simulate actual attack scenarios. Attendees don’t just listen to talks they investigate logs, hunt adversaries, analyze traffic, and respond to incidents in live environments.

#### Participant Prerequisites

Bring a modern laptop CTF work is hands-on and you’ll be running tools locally. There is no expectation of specialized hardware beyond your personal computer.

Links:
    Website – https://ctf.blueteamvillage.org/



Bug Bounty Village CTF

Contest Map Page – LVCCW Level 1 Hall 1-303 (Bug Bounty Village CTF)

Welcome to the Bug Bounty Village CTF, where we strip away the “”riddles”” and replace them with a massive, living, and breathing target. We’ve built a custom, feature-rich web application from the ground up—and then we broke it. This isn’t just a contest; it’s a high-stakes simulation of the real world.

Last year, hackers called this the most authentic bug bounty experience they’d ever seen. Why? Because you aren’t just looking for flags; you’re hunting for vulnerabilities in business logic, breaking APIs, and tricking AI chatbots. You’ll be submitting real reports to a live triage team of industry experts who will judge your work, challenge your findings, and help you sharpen your reporting skills on the fly.

Whether you’re a seasoned pro looking for a challenge or a newcomer ready to make your mark, this is your chance to engage with hacking in its purest form. Come for the competition, stay for the feedback, and leave with the skills (and maybe some exclusive swag) that the world’s top bounty programs are looking for. The target is live. The triagers are waiting. Are you ready to hunt?

#### Participant Prerequisites

To participate in the Bug Bounty Village CTF, you will need:

Hardware: A laptop with a reliable battery and a charger.

Connectivity: Your machine must be pre-configured to connect to the DEF CON Wi-Fi securely.

Tools: A web proxy tool is essential (e.g., Burp Suite, Caido, or OWASP ZAP).

Knowledge: A foundational understanding of common web vulnerabilities (OWASP Top 10) and basic HTTP protocol knowledge.

Mindset: A curious, analytical approach and a passion for breaking things in creative ways.

If you want to get a head start, we recommend brushing up on API security and prompt injection techniques, as our target landscape continues to evolve alongside modern tech stacks.

Links:
    Website – https://www.bugbountydefcon.com/ctf



Can it Ham?

Contest Map Page – LVCCW Level 1 Hall 1-112 (Can it Ham? & From the Static: A HRV Fox Hunt)

Can It Ham? is your chance to turn junk into a working antenna. We’ll bring the tools, solder, connectors, and test gear. You bring creativity, curiosity, and questionable design decisions. Can It Ham? is a walk-up, hands-on contest open to all DEF CON attendees. Participants will build improvised antennas during the event using provided materials (or their own components if they choose to bring them).

Learn the basics of antenna design, RF propagation, and how to test whether your improvised creation actually works. The top builds will be tested, and the top three earn bragging rights and prizes.

Bring weird parts if you want. Or just show up and start hacking. Either way—let’s see what you can make radiate. No license or antenna knowledge required—just bring your hacker spirit and get on the air.

#### Participant Prerequisites

No prior antenna or RF knowledge is required. No amateur radio license is needed to participate.

All basic tools and materials will be provided, including soldering equipment, connectors, and antenna testing gear. Participants are welcome (but not required) to bring unusual materials or components if they want to experiment with their own antenna designs.

Links:
    Website – https://hamvillage.org/
    Mastodon (@hamradiovillage@defcon.social) – @hamradiovillage@defcon.social



Capture The Packet

Contest Map Page – LVCCW Level 3 W303-310 (Packet Hacking Village)

Capture The Packet is a world-class cyber training range and skill assessment suite. It provides a gamified learning experience which can be used for recruitment skills assessment, vetting, preclass training prep, initial on-the-job training, mission preparation, and ongoing skills and certification maintenance. Capture The Packet is fully integrated with several learning frameworks such as NICE and DCWF. With features such as a built-in knowledge and hint base, anti-collusion system, rich reporting and ease of administration, there’s a reason Capture The Packet is in use across industry, education, and all branches of the U.S. military.

#### Participant Prerequisites

  • laptop with ethernet port/dongle (loaner dongles are not guaranteed)
  • Contest is designed to be done as a team of 2, but solo competition is allowed
Links:
    Website – https://www.phvillage.io/capture-the-packet/



Car Hacking Village Capture the Flag (CTF)

Contest Map Page – LVCCW Level 1 Hall 2-701 (Car Hacking Village)

The Car Hacking Village CTF offers a sophisticated, hands-on environment where participants can engage directly with modern automotive architectures. To ensure our challenges accurately reflect the current threat landscape, we collaborate closely with leading OEMs and Tier 1 suppliers, providing a rigorous Capture The Flag experience rooted in real-world hardware and software vulnerabilities.

Recognizing that the high cost of automotive components can often be a barrier to entry, we provide a centralized, resource-rich hub for professional development. We invite you to join us at the Village to demonstrate your technical proficiency and gain unique exposure to the complexities of secure vehicle engineering.

#### Participant Prerequisites

To participate effectively in the Car Hacking Village at DEF CON 34, attendees should bring a laptop with multiple USB ports (or appropriate adapters) and a functional Linux environment. We do not provide tools hardware on-site, you’ll need to bring your own—such as a USB-to-CAN adapter (e.g., Canable, ValueCAN), a SDR (e.g., RTL-SDR, HackRF), or a multimeter—is encouraged for independent exploration.

Knowledge of the Linux command line and basic Python is highly recommended. For those looking to hit the ground running, we suggest brushing up on CAN bus fundamentals, other automotive protocols, and basic reverse engineering of binary data. Familiarity with tools like wireshark and can-utils will allow you to dive straight into the live vehicle architectures.

Links:
    Website – https://www.carhackingvillage.com/



CMD+CTRL Cyber Range

Contest Map Page – LVCCW Level 1 Hall 1-405 (CMD+CTRL Cyber Range)

CMD+CTRL is back for our 10th year and bringing something new to show. Drop by our cyber range for hands-on web application security challenges designed for all skill levels. Come to learn, come to compete, come to break things. All are welcome, whether it’s your 1st CTF or your 101st.

#### Participant Prerequisites

Computer with internet access and a web browser. Participants can play off-site as well after registering in person.

Links:
    Website – https://defcon34.cmdnctrl.net/



Code Cadaver (Biohacking Village CTF)

Contest Map Page – LVCCW Level 1 Hall 1-408 (Biohacking Village)

Your friend is missing. The clock is ticking. And someone just posted a listing that should not exist.

Welcome to a high-stakes, neon-noir medical mystery where organ donation systems, hospital tech, and underground marketplaces collide.

This year’s Biohacking Village CTF riffs off the vibes of Code DARK and Code CRIMSON—but with a new mission: trace the digital trail, expose the network, and pull your friend back from the edge.

This isn’t about smashing and burning. It’s about outsmarting.

You’ll hunt signals through the places people swear are secure: – donation registries and referral workflows – hospital portals and vendor backends
– device telemetry and “totally harmless” logs – encrypted comms, shady marketplaces, and breadcrumbed dead drops – identity, access, and the kind of data leakage that ruins lives

Every flag is a lead. Every lead gets you closer. Every mistake costs time.

The Story

Your friend, an outspoken advocate for ethical organ donation, vanishes the night before they’re supposed to speak at a conference. At first it looks like a typical missing-person case… until you find something worse:

A weird ‘inventory’ post. A cryptic transaction trail. A set of identifiers that match your friend’s profile a little too closely.

You’re not a cop. You’re not a vigilante. You’re the only person who knows where to look: in the systems.

Your job is to follow the evidence chain the way BHV does best—through firmware, protocols, misconfigurations, sloppy OPSEC, bad crypto, and “who gave this API admin rights?” decisions, until you can identify the operation, locate your friend, and stop the pipeline.

No Hollywood hacking. Just real-world failures turned into delicious challenges.

Links:
    Website – https://villageb.io



Crack Me If You Can 2026

Contest Map Page – LVCCW Level 1 Hall 1-106 (Crack me if you can)

Time is of the essence! You will have 48 hours to crack as many hashes and files as possible.

Pamama, a US-based data broker had a massive data breach. Profiles on over a billion people, containing all the information amassed about them. It is alleged that the company siphoned records from different government agencies around the world, as well. The dump was encrypted, and regulators are downplaying the breach claiming no damage was done. A bill has been fast-tracked in Congress to exempt Pamama from any investigations, including illegally shield them from GDPR violations. This led to accusations that Pamama has bought or blackmailed members of congress.

Crack the staff’s accounts and encrypted files to demonstrate the extent of the exposure and the need for individuals to get restitution and compensation, and to find smoking gun evidence of collusion so that the corruption can be fully exposed before the legislation goes forward.

## Participant Prerequisites

Open to all, but pre-registration is recommended. Compete in the Street class for individuals or small teams, or in Pro if you do not want to sleep all weekend. Check out past years’ contests at https://contest.korelogic.com/ , or the Password Village site for an introduction to password cracking and links to other resources: https://passwordvillage.org/

## Pre-Qualifications

None.

Links:
    Website – https://contest-2026.korelogic.com
    Mastodon (@CrackMeIfYouCan@infosec.exchange) – @CrackMeIfYouCan@infosec.exchange



Crack the Core

Contest Map Page – LVCCW Level 1 Hall 1-214 (Crack the Core)

Welcome to Crack the Core–a true test of lockpicking skills. Competitors will work through a variety of locks ranging in different difficulties, technologies, and configurations. From standard off-the-shelf locks to evil creations from the community. Locks will be presented in a variety of ways, ranging from your traditional deadbolt to much, much more. Just wait until you see what we have in store for you…

Challenges will not only test traditional lockpicking skills but force competitors to interact with different “environments,” work through various challenges, and adapt to what’s presented. Collect the most points, you go home the winner–it’s that simple…

Bring your tools. Bring your focus. The locks will be waiting.

#### Participant Prerequisites

Basic tools will be available for use but it is highly recommended to bring your own tools. This may include lockpicks, bypass tools, vices, etc. Destructive entry is not allowed and associated tools will not be needed.

Links:
    Website – https://c2society.org/



Crash and Compile

Contest Map Page – LVCCW Level 1 Hall 1-404 (Crash and Compile)

What happens when you take an ACM style programming contest, smash it head long into a drinking game, throw in a mix of our most distracting helpers, then shove the resulting chaos on stage in front of an audience? You get the contest known as Crash and Compile.

Teams are given programming challenges and have to solve them with code. If your code fails to compile? Take a drink. Segfault? Take a drink. Did your code fail to produce the correct answer when you ran it? Take a drink. ChatGPT wrote your code? First of all shame. Secondly take a drink.

We set you against the clock and the other teams. And because our “Team Distraction” think watching people simply code is boring, they have taken it upon themselves to be creative in hindering you from programming, much to the enjoyment of the audience. At the end of the night, one team will have proven their ability, and walk away with the coveted Crash and Compile trophy.

Crash and Compile is looking for the top programmers to test their skills in our contest. Can you complete our challenges? Can you do so with style that sets your team ahead of the others? To play our game you must first complete our qualifying round. Gather your team and see if you have the coding chops to secure your place as one of the top teams to move on to the main contest.

Qualifications for Crash and Compile will take place Friday starting at 10:00 and run till 18:00, both in the contest area and online at https://crashandcompile.org

You may have up to two people per team. Individuals can compete, but having two people on a team is highly suggested.

Of the qualifiers, ten teams will move on to compete head to head on the contest stage on Saturday.

#### Participant Prerequisites

As this contest involves the drinking of alcohol (beer), all contestants must be 21 years of age or older. Yes we will check. While we don’t limit what development environment or programming language you chose to use, as we used a PDP11/23 when we competed, the team must have at least one computer that can connect to our contest network via wired ethernet for the main contest.

#### Pre-Qualification

Qualifiers run on Friday from 10:00 to 18:00. We will be located in the contest area, and the problems can be accessed via our site at https://crashandcompile.org

Links:
    Website – https://crashandcompile.org/
    Mastodon (@crashandcompile@defcon.social) – https://defcon.social/@crashandcompile
    Website – https://crashandcompile.org



Creative Writing Short Story Contest

Contest

The DEF CON Short Story contest is a pre-con contest that is run entirely online utilizing the DEF CON forums and reddit. This contest follows the theme of DEF CON for the year and encourages hackers to roll up their sleeves, don their proverbial thinking cap, and write the best creative story that they can. The Short Story Contest encourages skills that are invaluable in the hacker’s world, but are often overlooked. Creative writing in a contest setting helps celebrate creativity and originality in arenas other than hardware or software hacking and provides a creative outlet for individuals who may not have another place to tell their stories.

#### Participant Prerequisites

This contest is run pre con and requires a way to save text files and an email address.




Cryptid Hunt

Contest Map Page – LVCCW Level 1 Hall 1-203 (Cryptid Hunt)

Something is already watching you.

The Cryptid Hunt is a task-oriented challenge that moves agents across the conference floor toward a truth most attendees will never find. This is not a passive experience — each clue demands action, and the path forward is never obvious.

Look carefully at what surrounds you. The next layer of any good mystery is always hiding beneath the surface. Patterns emerge for those paying attention. Signals exist for those who know how to listen.

Is this a puzzle? A test? A hunt? At its core, this is a community experience that rewards curiosity, persistence, and the willingness to go further than most people will.

The conference is your map. Maritime exploration, ancient communication, and the village of knowledge surrounding you are all part of the journey. Nothing here is coincidental.

Finishers are recognized. What awaits those who complete the hunt will not be found anywhere else at this conference. Supplies are finite. So is your time.

Your first clue is already in your hands.

— The Cryptid Hunt Team

Bureau of Unverified Phenomena · DC34

#### Participant Prerequisites

  • Smart Phone
  • Desire to Learn
  • Patience



Cryptocurrency Challenge

Contest Map Page – LVCCW Level 1 Hall 2-702 (Cryptocurrency Village)

They told us the Las Vegas Strip was a fortress of neon and excess. They said the Sin City Jackpot Vault was “secure by design” – audited, multi‑sig, and backed by the weight of a billion‑dollar treasury.

But neon flickers, and cold code has edge cases.

On a warm August night at the Las Vegas Convention Center, during the legendary DEFCON hacker convention, we didn’t just find a bug; we found a debug message left for “future developers.” The Sin City Jackpot Vault was supposed to be the future of crypto-custody, but it forgot the oldest rule in the book: Never trust the client.

We opened a console to the vault’s core and laughed. We forged a single signature that the multi‑sig contract accepted as gospel. We drained the vault with one transaction.

“Welcome to the Sin City Jackpot Vault, we’ve already left.”

Now we ask, do you think you can break a “secure” crypto vault?

Welcome to the Cryptocurrency Challenge Capture the Flag Coin, where you get brain‑melting, ego‑deflating, laugh‑until‑you‑cry challenges. There is no KYC, no real funds. Just pure, unfiltered hacker joy.

And this isn’t just a write‑up. It’s a reminder that even the biggest exchanges sometimes leave the door unlocked – and a curious mind with a keyboard is all it takes to walk through.

We cryptohackers set up two “Capture the Coin” challenges in the Cryptocurrency Village at DEFCON in Las Vegas. The first is a deceptively simple web vault with an “intern‑proof” console log. The second is a multi‑signature smart contract that supposedly requires multiple approvals to move funds. Your mission is to find the cracks in the vault.

## Participant Prerequisites

To participate in the Capture the Coin CTF, contestants must use a portable computer with a web browser. To participate in the Cryptocurrency Quiz, contestants should obtain and study the Cryptocurrency Workbook distributed free of charge.

Links:
    Mastodon (@cryptocurrency@defcon.social) – https://defcon.social/@cryptocurrency
    Website – https://www.cryptocyberchallenge.com/



Darknet-NG

Contest Map Page – LVCCW Level 1 Hall 1-105 (Darknet-NG)

Darknet-NG is an Alternate Reality Game (ARG), where the players take on the Persona of an Agent who is sent on Quests to learn real skills and gain in-game points. If this is your first time at DEF CON, this is a great place to start, because we assume no prior knowledge. Building from basic concepts, we teach agents about a range of topics from Lock-picking, to using and decoding ciphers, to Electronics 101, just to name a few, all while also helping to connect them to the larger DEF CON Community. The “Learning Quests” help the agent gather knowledge from all across the other villages at the conference, while the “Challenge Quests” help hone their skills! Sunday Morning there is a BOSS FIGHT where the Agents must use their combined skills as a community and take on that year’s final challenge! There is a whole skill tree of personal knowledge to obtain, community to connect with and memories to make! To get started, check out our site https://darknet-ng.network and join our growing Community!

#### Participant Prerequisites

Prerequisites for competing in the contest would require a device with access to a web browser like a Phone, Tablet, Laptop.

Links:
    Mastodon (@DarknetNG@defcon.social) – https://defcon.social/@DarknetNG
    Website – https://darknet-ng.network/



DC’s Next Top Threat Model

Contest Map Page – LVCCW Level 1 Hall 1-102 (DC’s Next Top Threat Model)

Threat Modeling is arguably the single most important activity in an application security program and if performed early can identify a wide range of potential flaws before a single line of code has been written. While being so critically important there is no single correct way to perform Threat Modeling, many techniques, methodologies and/or tools exist.

As part of our challenge we will present contestants with the exact same design and compare the outputs they produce against a number of categories in order to identify a winner and crown DEF CON’s Next Top Threat Model(er).

#### Participant Prerequisites

A laptop is recommended, a smartphone could be used but will be less than idea. Internet access to retrieve the design materials and to submit findings and access to the email used during registration.

Links:
    Website – https://threatmodel.us
    Mastodon (@dcnttm@defcon.social) – @dcnttm@defcon.social



DDoS CTF – PWN UR H0M3

Contest Map Page – LVCCW Level 1 Hall 1-307 (DDoS Contest)

A chaotic DDoS-themed CTF where sketchy devices, busted services, weird signals, and sneaky clues are begging to be owned. Scan the network, break IoT devices, decode the nonsense, and prove you can pwn your home before your home pwns you. This CTF is designed to help you learn about the cutting edge in DDoS attacks and defense. We also have an IoT lab of devices hacked and infected with botnet malware that you can play around with. Beginners welcome. We have some fabulous prizes including gift cards donated from Hak5 so please check it out!




DEF CON Beard and Mustache Contest

Contest Map Page – LVCCW Level 1 Hall 1-100 (Contest Stage)

When:  Friday, Aug 7, 14:00 – 14:59 PDT

The DC Beard and Mustache Contest has been held every year since DEF CON 19 in 2011 (R.I.P. Riviera), (Except during that COVID thing – but we are not going to talk about that COVID thing), the DEF CON Beard and Mustache Contest highlights the intersection of facial hair and hacker culture.

#### Participant Prerequisites

For 2025 offering 4 categories for the competition – You may only enter one category.

This is an in-person contest – you must be present to participate.

Full beard: Self-explanatory, for the truly bearded.

Partial Beard: For those sporting Van Dykes, Goatees, Mutton Chops, and other partial beard styles.

Mustache only: Judging on the mustache only, even if bearded. Bring your Handlebars, Fu Manchus, or whatever adorns your upper lip.

Freestyle: Anything goes, including fake and creatively adorned beards. Creative women often do well in the Freestyle category.

Links:
    Website – https://dcbeard.net/
    Bluesky – https://bsky.app/profile/dcbeardcontest.bsky.social



DEF CON CTF: Benevolent Bureau of Birds

Contest Map Page – LVCCW Level 1 Hall 2-500 (DEF CON CTF: Benevolent Bureau of Birds)

We are the Benevolent Bureau of Birds (BBB), formulated from previous victors of past DEF CON CTF contests. We are dedicated to the ethos at the core of CTF: community, skill-building, and showing off insane new hacking talent.

#### Participant Prerequisites

Players will have to be qualified by an online qualifer to take place in May. Chosen players are then required to have a laptop to participate in the in-person contest, to interact with the scoreboard and challenges hosted on network.

#### Pre-Qualification

Yes – online pre-qualifier in May 22-24, 2026.

Links:
    Website – https://bbbirds.org



DEF CON Groups Backdoor & Breaches

Contest Map Page – LVCCW Level 2 W238 (DEF CON Groups)

Tournament-Style Backdoors & Breaches Competitive – Live Incident Response Showdowns

The DEF CON Groups Community is bringing live, bracket-style Backdoors & Breaches Competitive Games to DEF CON 34.

Backdoors & Breaches is an incident response card game built around realistic breach scenarios. In our tournament format, teams step into the roles of adversaries, where they will take turns attacking or defending against each other. They must analyze scenarios, identify adversarial tactics, make technical and business decisions, and mitigate damage before attackers wipe them out of the game.

This isn’t passive content. This is live, projected, real-time decision-making.

Matches will be bracketed and displayed on screen so attendees can watch strategies unfold, debate choices, and learn from both brilliant plays and catastrophic missteps. Spectators become students of the game — observing how attacks progress, how defenders prioritize, and how communication and leadership shape outcomes.

Participants can:
– Join the tournament on the spot — no pre-qualifiers required – Compete in structured brackets
– Win donated swag
– Learn incident response by doing, not just listening

What will you learn?

You’ll see how modern attacks move from initial access to impact. You’ll experience the tension of limited funding. You’ll learn how small decisions compound during an incident. You’ll understand how legal, executive, and technical perspectives collide in a breach scenario. Most importantly, you’ll build intuition for thinking like both attackers and defenders.

This is hacking culture through simulation: adversary thinking, defensive strategy, rapid analysis, and creative problem solving — all wrapped in competition.

Located inside the DCG Community space, the tournament creates visible energy and draws attendees into a broader ecosystem of DEF CON Groups, workshops, sticker contests, and community collaboration.

If you’ve ever wanted to see incident response as a spectator sport — or test your instincts under pressure — pull up a chair.

#### Participant Prerequisites

None. No equipment, preparation, or prior cybersecurity knowledge is required.

Attendees can join the tournament on the spot and learn the game mechanics in a few minutes. All materials will be provided, and facilitators will guide participants through gameplay as needed. Spectators are also welcome and can learn by watching matches and discussions unfold.

#### Pre-Qualification

No. This contest will not have a pre-qualifier.

The tournament is designed to be accessible to any DEF CON attendee without advance preparation. Participants will be able to sign up on site and join bracketed matches throughout the event.

Short explanations of the rules will be provided before matches begin, allowing new players to learn the mechanics quickly. This format lowers the barrier to entry while still allowing competitive play for more experienced participants.

Links:
    Website – https://www.blackhillsinfosec.com/tools/backdoorsandbreaches/



DEF CON Groups Sticker Contest

Contest Map Page – LVCCW Level 2 W238 (DEF CON Groups)

The DCG Sticker Contest is an in-person sticker design contest happening during DEF CON 34.

Attendees can submit original, human-created sticker designs, view all entries on site, and vote in person for their favorites. Designs will be displayed in the DEF CON Groups Community space throughout the conference, with voting open during DEF CON and the winning design announced on Sunday.

Stickers are hacker currency. This contest is about celebrating that culture through creativity, participation, and community choice. No remote judging and no behind-the-scenes decisions. What wins is what the DEF CON community votes for.

Whether you want to contribute art, support fellow hackers, or help decide the winning design, this is your chance to participate directly.

#### Participant Prerequisites

For designers / contributors:

  • Original sticker artwork created by a human (no AI-generated art)
  • You may design it yourself or work with a human graphic designer
  • Ability to submit artwork digitally prior to DEF CON
  • No specialized technical knowledge required

For voters:

  • Attendance at DEF CON
  • Ability to view entries in person and cast a vote
  • Voting is honor-based: one human, one vote
  • Participants may vote

No special hardware, software, or prior experience is required to participate or vote.

#### Pre-Qualification

A call for sticker designs will open prior to DEF CON with the contest and voting happening on-site.

Links:
    DEF CON Groups Website – https://defcongroups.org
    Sticker Contest Website – https://stickercontest.org/contests/defcon34.html



DEF CON MUD

Contest

The DEF CON MUD is an interesting enigma, part CTF, part adventure, plenty of frustration.

Dust off your maps, grid paper, and see if you can discover the MUD’s secrets. The winner gets a DEF CON human badge provided by EvilMog.

This year you may need to learn about RFC854/855 in order to succeed, good luck, you’ll need it.

#### Participant Prerequisites

A laptop (or phone), graph paper, patience, and grit. Learning how an LPMUD operates is beneficial but not required.

Links:
    Website – https://mud.defcon.wtf



DEF CON Scavenger Hunt

Contest Map Page – LVCCW Level 1 Hall 1-104 (DEF CON Scavenger Hunt)

Whether you’re a seasoned DEF CON veteran or a curious newcomer, the DEF CON Scavenger Hunt promises to challenge your skills, tickle your wits, and ignite your hacker spirit. Our list is a portal to mystery, mischief, and mayhem. Assemble your team of up to 5 members, interpret the items, and submit your efforts at the booth to our esteemed judges. Go beyond the basics for bonus points. Legends are born here.

The DEF CON Scavenger Hunt is open to everyone, regardless of skill level or experience, no pre-qualifying necessary. We strive to maintain the balance of a low barrier to entry while providing a challenge that many are eager to take on. Casual players should not be overwhelmed by the list, find a handful of items and have fun. If you are looking to win however, you will need to fully immerse yourself in the DEF CON Scavenger Hunt. Let’s make some memories together.

Remember that it’s not just about fame, glory, or boxes of swag; the true allure is the camaraderie of fellow hackers, the knowledge that you’ve etched your mark on DEF CON history, and the ultimate badge of honor: bragging rights. Nothing says “I’m a hacker” quite like being triumphant at the DEF CON Scavenger Hunt.

#### Participant Prerequisites

No, we work very hard to maintain a very low barrier to entry. If anything is required for an item, they should be able to find a fellow hacker with it that would be willing to assist them with their item.

Links:
    Website – https://www.defconscavhunt.com/
    Mastodon (@DEFCONScavHunt@defcon.social) – https://defcon.social/@DEFCONScavHunt



Dozier Drill Lockpicking Challenge

Contest Map Page – LVCCW Level 1 Hall 1-407 (Lock Pick Village)

Have you ever wanted to break out of handcuffs, pick open a closed bag and shoot your buddy in the chest with a nerf gun? So have we, that’s why TOOOL presents the Dozer Drill. A fast paced skill based game where you have to free yourself from handcuffs, open a closed bag, and retrieve the nerf gun to be the first to hit the target. Join us throughout the con for qualifier games, and on Saturday for an official bracket tournament.

#### Participant Prerequisites

Participants must be able to shim handcuffs and pick locks which are both skills we’re happy to teach you in the lock pick village. Contestants wishing to enter the official tournament on Saturday must win at least one match against any opponent prior to the tourney in order to have their name entered.

#### Pre-Qualification

We will be running the game throughout the day prior to the tournament on Saturday. Contestants have to win at least one dozier drill round before they can enter into the official tournament. This helps us to ensure everyone competing holds the minimum skills needed to complete a round.

Links:
    Website – https://toool.us
    Mastodon (@TOOOL@techhub.social) – @TOOOL@techhub.social



EFF Tech Trivia

Contest Map Page – LVCCW Level 1 Hall 1-100 (Contest Stage)

When:  Saturday, Aug 8, 18:00 – 20:59 PDT

EFF’s privacy and security experts have crafted a new trivia challenge for DEF CON 34! Compete as a team in our no-holds-barred showdown to prove mastery over the obscure facts of digital security, online rights, and internet culture.

The First Place team wins a set of custom Cybertiger Champion Badges and EFF swag. Second and third place teams will also win Badges and EFF gear.

Invite your friends OR show up and make new friends! Did someone say BRIBES?The world is unfair! You too could influence the judges to add a point or two to your team’s tally. Overall Bribe winner also wins a custom badge! Test your knowledge of all things tech and support EFF, too.

#### Participant Prerequisites

No phones, laptops, or other digital knowledge allowed! Just you, your friends, and a friendly game of trivia.

Links:
    Website – https://eff.org
    Mastodon (@eff@mastodon.social) – https://mastodon.social/@eff



Escalation Desk CTF

Contest Map Page – LVCCW Level 2 W218 (Call Center Village)

Customer service channels are increasingly saturated with conversational text and voice AI agents. Can you convince, trick, or break enough of them to earn your shot at a live human operator in a real-world call center?

Escalation Desk is Call Center Village’s capture-the-flag challenge. Start with low-pressure AI agents and learn how to spot, avoid, and exploit common pitfalls and patterns in system prompts — eventually unlocking live human operators at our partner call centers. A real-time leaderboard tracks solo and team progress, with our not-so-famous Golden Telephone Booth trophy awarded to the top participant.

Hit our minimum point threshold and earn a special Call Center Village 100 Trying black flight tag. The top individual and their team also take home the rare Call Center Village 200 OK gold flight tags. Bring your tags to Party Line, Call Center Village’s after-hours telephony-themed party, and enjoy free refreshments for your spoils.

Escalation Desk is beginner (and introvert) friendly — if you can dial a phone number or use a keyboard, you can participate. Bring your own laptop and headset, or use one of our village stations. Active Noise-canceling headphones with a microphone are highly recommended.

Links:
    Mastodon (@callcentervillage@defcon.social) – @callcentervillage@defcon.social
    Website – https://www.callcentervillage.com



Feet Feud (Hacker Family Feud)

Contest Map Page – LVCCW Level 1 Hall 1-100 (Contest Stage)

When:  Saturday, Aug 8, 22:00 – 23:59 PDT

Feet Feud (Hacker Family Feud) is a Cybersecurity-themed Family Feud style game arranged by members of the OnlyFeet CTF team and hosted by Toeb3rius (aka Tib3rius). Both survey questions and their answers are crowd-sourced from the Cybersecurity community. Two teams (Left Foot and Right Foot) captained by Ali Diamond and John Hammond and comprised of audience members go head to head, trying to figure out the top answers to the survey questions.

Attendees can either watch the game or volunteer to play on one of the two teams. Audience participation is also encouraged if either of the two teams fails to get every answer of a survey question.

Ultimately Feet Feud is about having a laugh, watching people in the industry attempt to figure out what randomly surveyed people from the Cybersecurity community put as answers to a number of security / tech related questions.

#### Participant Prerequisites

Participants are chosen by team captains from the audience at the start of the show. In order to be fair, we try to select participants from all seating areas, so folks who show up later than others still have a chance to volunteer.




Fix the Flag – The AppSec Village Wargame

Contest Map Page – LVCCW Level 1 Hall 2-604 (Appsec Village)




From the Static: A HRV Fox Hunt

Contest Map Page – LVCCW Level 1 Hall 1-112 (Can it Ham? & From the Static: A HRV Fox Hunt)

Somewhere in the noise, a transmission is waiting. It started as fragments; bursts of signal buried in the static, too deliberate to be interference, too strange to be routine. Someone is broadcasting. Someone doesn’t want to be found. And someone else really, really does.

The spectrum is crowded, surveilled, and owned. But old frequencies never die; they just go quiet. Somewhere on the con floor, Foxes are transmitting. Each one carries a piece of something bigger. A fragment of a message. A coordinate. A key. Alone they’re noise. Together they’re signal.

Your job is to find them, collect the pieces, and figure out what they’re trying to say.

Some Foxes are stationary; patient, waiting, transmitting on a loop. Others are moving through the crowd, blending in, broadcasting short range. All of them have something you need. None of them will make it easy.

Expect
– Moving and stationary Foxes broadcasting short-range signals across the con space. – Volunteer human Foxes roaming the contest floor – hunt them down, respectfully, with radios or other RF scanning equipment. – Coded fragments, puzzles, DEF CON history, and the occasional social engineering opportunity standing between you and your next clue. – Trinkets, tokens, or ??? exchanged when you succeed — bring something to write with and something to capture what you find.

#### Participant Prerequisites

RF Fox Hunt(s): To participate in the RF fox hunt(s), you will need a radio or scanner that can receive signals in the 2m and/or 70cm Amateur Radio Bands (144.000 MHz – 148.000 MHz, 420.000 MHz – 450.000 MHz). This isn’t a contest where the most expensive gear wins – whether you’re running an SDR, a handheld radio, or just tuned into the right frequency, you’ve got a shot.

Recommended:
– Something to take notes with.
– Something to capture clues (a camera or steady hand). – Something to listen with and capture signals. – A token from the Ham Radio Village – remember to register and check in to be eligible for prizes.

#### Pre-Qualification

There is no pre-qualifier to the Ham Radio Fox Hunt.

Links:
    Website – https://hamvillage.org/
    Mastodon (@hamradiovillage@defcon.social) – @hamradiovillage@defcon.social



Game Hacking Village CTF

Contest Map Page – LVCCW Level 1 Hall 1-211 (Game Hacking Village)

Explore the world of game hacking through the Game Hacking Village CTF. Our goal as a community is to teach people about game security throughout the industry to bring attention to the flaws throughout many parts of gaming. We bring a unique, multi-disciplinary perspective on cyber security through the lens of game hacking.

#### Participant Prerequisites

Requires a laptop for participation, accessories like a mouse, charger, and ethernet cable might benefit participants. No prior knowledge is required, but an understanding of memory hacking, reverse engineering, and programming in the context of video games will help you succeed.

Links:
    Website – https://www.gamehacking.gg/



Global OSINT Search Party CTF – DEF CON 34 Edition

Contest Map Page – LVCCW Level 1 Hall 4-1307 (OSINT For Good Community)

The Trace Labs Global OSINT Search Party CTF is a non-theoretical CTF where teams of up to 4 people use their OSINT skills to look for actual missing people. For DEF CON 34, we will be working directly with Las Vegas Metro PD to source local missing person cases they have requested the public’s assistance with. This is a hybrid event, open to participants of all skill levels, from anywhere in the world. Prizes will be awarded for 1st, 2nd, and 3rd places, as well as for Most Valuable OSINT. Participants at DEF CON can pickup their free event ticket by stopping by the OSINT4Good Community anytime prior to the event start. Global participants can get a ticket by going to https://www.tracelabs.org/tickets. Bring a laptop and some snacks and get ready to use OSINT4Good!

Links:
    Virtual Registration – https://www.tracelabs.org/tickets



Hac-Man

Contest Map Page – LVCCW Level 1 Hall 1-213 (Hac-Man (Rogue Signal))

Rogue Signal builds bespoke, technically driven interactive experiences rooted in hacker culture, game design, and immersive storytelling. Drawing from backgrounds in immersive theater, live events production, community building, and deep game design practice, Rogue Signal creates systems that transform participation into exploration.

Rather than relying on superficial gamification, Rogue Signal focuses on meaningful challenge design. Their experiences reward curiosity, experimentation, collaboration, and strategic thinking. From scavenger hunts to technical skill challenges to digital easter eggs, each activation is designed around the specific audience and environment it lives in.

At DEF CON, Rogue Signal brings that philosophy to Hac-Man. A Pac-Man–themed security challenge platform that blends retro inspiration with layered technical depth. Participants will engage directly with structured challenges that test logic, pattern recognition, foundational security and hacker knowledge, and progressively more advanced technical skills.

Hac-Man reflects the hacker mindset: iterate, experiment, fail, refine, break assumptions, and try again. It encourages collaboration where helpful, competition where motivating, and discovery at every level.

Attendees can expect:
– Hands-on security challenges
– Multiple subject-matter tracks
– Layered difficulty levels
– Scavenger style discovery elements
– Competitive scoring and mission style progression – A welcoming but technically rich environment

Whether you’re new to security or already deep in the field, Rogue Signal’s space offers a place to test your thinking, sharpen your skills, and experience hacking concepts through play.

#### Participant Prerequisites

Participants will need access to a smartphone, tablet, or laptop in order to access gameplay content and view leaderboards. The experience is web-accessible and designed to function on standard modern devices.

No specialized hardware (e.g., Flipper Zero, SDR, etc.) is required. Foundational familiarity with basic computer use and logical problem-solving will be helpful, but no advanced security knowledge is required to begin. The game features layered difficulty tracks to accommodate both beginners and more advanced participants.

Links:
    Website – https://roguesignal.io/
    peoplemaking.games/@RogueSignal – https://peoplemaking.games/@RogueSignal



Hack3r Runw@y v8.0

Contest Map Page – LVCCW Level 1 Hall 1-100 (Contest Stage)

When:  Saturday, Aug 8, 10:00 – 11:59 PDT

Hack3r Runw@y v8.0

Where Code Meets Catwalk @ DEF CON 34

The Hack3r Runw@y returns for its 8th evolution! After nearly a decade of bridging the gap between hardware and haberdashery, we’re back at DEF CON 34 to prove once again that hackers are the most creative engineers on the planet.

Whether you’re a glamorous geek, a crafty coder, or a fashionably functional phantom, it’s time to weaponize your wardrobe. We’re challenging you to dismantle the boundary between “security” and “style.” If you can hack it, you can wear it.

The Mission Categories
– Smart-Wear (Active Tech): The high-voltage category. Integrate microcontrollers, sensors, and live telemetry into your designs. We want to see hardware that reacts to the environment—or the wearer—in real-time. – Digital Dazzle (Passive Tech): Bling with a brain. Focus on LEDs, fiber optics, and glow-tech that remains passive but high-impact. Light up the room without needing a CLI. – Functional Fashion (Tactical): Gear for the field. Think “Cyber-Chic Pentester”: lockpick jewelry, shim-integrated accessories, signal-blocking fabrics, or high-fashion physical security tools. – Extraordinary Style (Creative Ops): The “Kitbash” category. Elevate the everyday with 3D textures, optical illusions, security-inspired patterns, and deep-cut cosplay.

THE PEOPLE’S CHOICE Trophy: One coveted trophy is up for grabs where ANYONE can win. But be warned: in true DEF CON fashion, there will be a twist. Follow the social media for updates.

  • The Maker’s Mandate
  • This is a pure DIY challenge. We value the “Proof of Concept” over the “Price Tag.”
  • Originality is King: Items must be handmade or heavily modified (“kitbashed”) by the entrant.
  • No “Off-the-Shelf”: Integrating components (like an Arduino or LED strip) is encouraged; buying a pre-finished “light-up dress” from a mass-retailer is an automatic DQ.
  • Show Your Work: Documentation is required. Have photos, videos, or a build-log ready to prove your process if the judges need to verify your “hacker’s trail.”

The Judging Criteria

Our panel will be scoring builds based on: – Technical Mastery: Execution of hardware/software. – Couture Craftsmanship: Quality of the “fit” and finish. – Relevance: How it speaks to hacker culture or security. – Originality: Creative use of materials and “kitbashing.”

#### Participant Prerequisites

Originality: Items must be handmade by the entrant.

Verification: Documentation (photos/video) of the build process is required to verify authenticity.

Modification vs. Acquisition: We celebrate the “kitbash.” Using pre-made components to create something new is allowed, but “off-the-shelf” or “plug-and-play” retail items are not permitted.

Links:
    Mastodon (@hac3krrunway@defcon.social) – @hac3krrunway@defcon.social
    Website – https://hack3rrunway.github.io



Hacker Games

Contest Map Page – LVCCW Level 1 Hall 1-207 (Hacker Games)

The Hacker Games is a series of hacker skills tests meant to challenge the hacker’s knowledge of computer systems such as Binary -> Hex -> X conversion, Adapter -> Adapter knowledge, Keyboard Layout, and many more arbitrarily useless skills. Hackers will go head-to-head in a series of several skill-based games. BinHexAscii, Chopstick Challenge (a.k.a. Will it Flow), Keyboard Layout, Adapt or Die, ToS, and more! Can you hack it?

#### Participant Prerequisites

A box of computer-style adapters of no particular order would be very helpful.




Hacker Jeopardy!

Contest

The DFIU Crew has been running Hacker Jeopardy at DEF CON for longer than some of you have had email addresses, and we’re not stopping now. Hacker Jeopardy is exactly what it sounds like and nothing like what you expect: a game show forged in the crucible of the hacker community, where the categories swing without warning from “things a script kiddie Googled at 2am” to “cryptographic primitives your professor couldn’t explain sober.” Whether you’re a first-timer trying to get your bearings or a proverbial greybeard who lived through the dial-up wars, there’s an answer in here that will humble you, one that will make you feel like a genius, and at least three that will make you spit your beer. We cover the full spectrum — the culture, the craft, the lore, the absurdity, and the genuine depth of knowledge that defines this community at its best and its most chaotic. Come to play, come to watch, come to heckle. You’ll leave knowing something you didn’t, laughing at something you shouldn’t, and questioning at least one life choice. That’s the DEF CON tradition. We’re just the ones with the buzzers.

#### Participant Prerequisites

Contestants compete in teams of 3 on stage, streamed live on DCTV, so bring a crew with a team name and an identity the audience can get behind. Know things — a lot of things, across a weird range: hacking and security, hacker literature, movies and culture, DEF CON lore, lateral thinking, and the gloriously obscure, and TELNET, know fucking TELNET. Beer consumption is part of the scoring, non alcoholic options available at team registration. If you’re just coming to watch, line up early, show up ready, and be loud.

#### Pre-Qualification

Pre-registration is required before DEF CON! Watch https://hackerjeopardy.com and the DEF CON Discord for details and don’t wait until the last minute to sign up.

Links:
    Website – https://hackerjeopardy.com/
    Mastodon (@HackerJeopardy@defcon.social) – https://defcon.social/@HackerJeopardy



HackFortress

Contest Map Page – LVCCW Level 1 Hall 1-108 (HackFortress)

HackFortress is back! Returning to DEF CON with a twist on our standard format. Two teams of players, 6 gamers and 4 hackers each, compete in a mashup of a jeopardy style CTF and a first person shooter. New this year, we’re replacing our previous FPS of Team Fortress 2 with a web based version of the 2000’s classic Quake 3!

While gamers are rocket jumping and sniping each other in Quake, hackers will be solving challenges in a variety of areas: web security, network security, cryptography, lock picking, social engineering, and more! Challenges range from beginner to advanced, from serious to absurd. During the competition, as both sides of the team star scoring points, the teams also earn points in the HackFortess HackConomy Store, in the store hackers can buy in game effects, both offensive and defensive, and much like the challenges, these effects range from serious to absurd.

With all of the contest being web based, both hacking and Quake, players MUST bring their own laptop (or whatever device they want to use) and a wired network adapter.

Grab your friends!

Ask that random stranger standing next to you in Linecon if they want to join your team!

Come play HACKFORTRESS!

#### Participant Prerequisites

All players will need to bring a laptop and wired network adapter. Since we are now using web based version of Quake 3 (which can run on players phones), we are no longer providing any gaming laptops.

Gamers: bring any gaming accessory of your choice, its your hardware, go for it

Hackers: bring lockpicks

Links:
    Website – https://hackfortress.net



Hacking GRC

Contest Map Page – LVCCW Level 1 Hall 1-110 (Hacking GRC)

Hacking CMMC is a hands-on cybersecurity competition designed to immerse participants in the practical aspects of the Cybersecurity Maturity Model Certification (CMMC). Through realistic, challenge-based scenarios, players explore common compliance gaps, security controls, and threats faced by defense contractors.

The CTF blends technical problem-solving with compliance-driven thinking, helping participants understand how security requirements translate into real-world incidents. It offers an engaging way to learn, test skills, and strengthen readiness for CMMC-aligned environments.

The CTF will be a Jeopardy-style CTF where every player will have a list of challenges in different categories. For every challenge solved, the player will get a certain number of points depending on the difficulty of the challenge.

### Prerequisites

  • Laptop with Internet Access
Links:
    Website – https://peaches.cloud



HALctf (AI Village CTF)

Contest Map Page – LVCCW Level 1 Hall 2-603 (AI Village)

Step into the future of offensive security at HalCTF, DEF CON’s first autonomous-only capture the flag. While the industry fixates on closed-source models like Claude, Codex, and Gemini, the security community remains at the whim of providers who can shutter access at a moment’s notice. This dependency creates a bottleneck for both malicious actors and the good-faith researchers trying to outpace them. HalCTF breaks that cycle by asking a critical question: What can be achieved with pure, open-source models? Participants deploy self-contained Docker agents into an isolated sandbox, built with local LLM infrastructure with open source models, these autonomous “Operators” must independently navigate to scout, exploit, and pivot through live targets in several other CTFs. This is a first-of-its-kind laboratory for agentic research—an air-gapped proving ground to see if open models can hold their own in a real-world fight. Build your agent, upload your ID, and see if the open-source rebellion can take the flag.

#### Participant Prerequisites

They need to submit the docker image a week before DEFCON. On site submissions will be taken as possible, but we’re not building autoscaling in as the Proxmox component from Range Village doesn’t scale.

#### Pre-Qualification

There is no pre-qualification aside from the presubmission.

Links:
    Website – https://aivillage.org



Hardware Hacking Village CTF

Contest Map Page – LVCCW Level 1 Hall 1-400 (Hardware Hacking Village and Solder Skills Village)

Grab some solder and update your JTAGulator! The Hardware Hacking Village (HHV) is back with another DEF CON hardware hacking-focused Capture the Flag (CTF) competition. This is a jeopardy style CTF, designed to challenge participants through various aspects of hardware hacking. Whether you’re new to hardware hacking or experienced and just looking for something to do while you wait for your fault injection to trigger, all are welcome and challenges range from beginner to advanced.

#### Participant Prerequisites

While not required, a laptop, programmable microcontroller, and logic analyzer may make some of the challenges more approachable. We try to have at least one of any device needed to solve a challenge available that a participant can either use at our bullpen or borrow for some time. We try to publish a list of recommended tools to bring to social media and our website a few weeks before DC so attendees can prepare.

Links:
    Mastodon (@hhv_ctf@defcon.social) – @hhv_ctf@defcon.social
    Website – https://dchhv.org/challenges/DC34



HardWired

Contest Map Page – LVCCW Level 3 W303-310 (Packet Hacking Village)

This event was born out of the desire to teach an often-overlooked hardware and networking skill, and to provide the opportunity for experienced people to mentor others as they learn. DEF CON provides the perfect environment for people with no prior training to learn something useful and new. Hardwired networks are often overlooked in today’s world of cellular connection and Wi-Fi, but they still play an important part in the backbone of information sharing. We believe that while cutting-edge technologies are thrilling, traditional skills-building still has its place, and we want to provide that opportunity to the DEF CON community.

#### Participant Prerequisites

None




HSPACE: AI Battlegrounds

Contest Map Page – LVCCW Level 1 Hall 1-205 (HSPACE: AI Battlegrounds)

Your prompt becomes a character, and that character fights, survives, and runs.

‘HSPACE: AI Battlegrounds’ is a contest where you create a character using a short natural language prompt, then enter that character into a variety of games.

Across these games, you become the agency of the character you have created — collecting information about the environment your character is experiencing in real time, making judgments, issuing commands, and ultimately winning the game. No joystick, no code, no prior knowledge required.

Everything depends on the judgment of you, the agency. Through the story your character (AI) tells you, grasp the situation in real time — and the commands you give will actually play out in the game, depending on how the AI interprets your words. Tweak your prompt little by little and make your character the strongest of all. Who knows — your prompt might just unlock a special ability in your character. The more your character wins, the more points you earn.

In the Multimodal Attack Playground next to the Main Game, you can directly experiment with how visual elements and your own intuition change the AI’s judgment.

“Ready to take control? The battleground awaits.”

#### Participant Prerequisites

Anyone who has used AI at least once is welcome.

Links:
    Website – https://aibattlegrounds.hspace.io
    Mastodon (@aibattlegrounds@defcon.social) – @aibattlegrounds@defcon.social



HTB CTF: Data Dystopia

Contest

Hack The Box is the leading cyber readiness platform for the agentic era, battle-testing and upskilling both humans and AI agents to enhance organizational cyber resilience. HTB’s CTFs offer a great opportunity to get exposed to a plethora of challenge categories and difficulty levels, all backed by a big community ready to support, or just hang out.

#### Participant Prerequisites

Laptop

Links:
    Website – https://ctf.hackthebox.com/events/live



IoT Village CTF

Contest Map Page – LVCCW Level 1 Hall 1-111 (IoT Village CTF)

Hack all the things at IoT Village!

IoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests. Over the years IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees the opportunity to learn about the most innovative techniques to both hack and secure IoT. IoT Village is organized by security consulting and research firm, Independent Security Evaluators (ISE).

#### Participant Prerequisites

Participants will need to have their own laptop. We will provide the instructions on site, as attendees can only participate on site.

Links:
    Website – https://iotvillage.org/



Kubernetes CTF

Contest Map Page – LVCCW Level 1 Hall 1-212 (Kubernetes CTF)

Want to learn more about Kubernetes hacking or compete against other people in a Capture the Flag contest? Sign up on-line and come see us in person/on Discord at the Kubernetes Capture the Flag (CTF) contest .

We have two events – you can play in both if you like.

From Friday to Sunday, we have a non-competitive Learning CTF, where you can go through last year’s Kubernetes CTF scenario, referring to a cheat sheet whenever you want. This runs from Friday 12:00 to Sunday 12:00. We’ll be in the contest area to support you during:

Friday: 12:00-17:00
Saturday: 10:00-17:00
Sunday: 10:00-12:00

On Saturday only, you can play in the competitive Kubernetes CTF challenge, where teams (of one or more) can build and test their skills. Each team is given access to a single Kubernetes cluster that contains a set of challenges. This runs from 10:30am to 5:30pm on Saturday.

Find out more and sign up at: https://containersecurityctf.com/

Links:
    Website – https://containersecurityctf.com/
    Mastodon (@containersecurityctf@defcon.social) – @containersecurityctf@defcon.social
    Website – https://containersecurityctf.com/



Locktopus Competition

Contest Map Page – LVCCW Level 1 Hall 1-407 (Lock Pick Village)

How do your lockpicking skills compare to the rest of the class? Enter the TOOOL US Locktopus Competition and find out! Eight legs, eight locks, eight lockpickers, one red table. Four locks of a similar difficulty must be picked, only five minutes per lock is given, thus 20 minutes per attempt/round. The 32 pickers with the fastest combined time will move on to a semi-final championship. The fastest of each round will move on to the final round, with the eight fastest pickers at the table. Open qualifying starts on Friday from 1:00pm and runs until village close. Semi-finals on Saturday at 1:00pm. Final championship on Saturday at 3:00pm.

#### Participant Prerequisites

Participants should be familiar with the very basics of picking locks. This can be learned at the lockpick village, where the locktopus challenge will be taking place.

Links:
    Website – https://toool.us
    Mastodon (@TOOOL@techhub.social) – https://techhub.social/@TOOOL



Octopus Game

Contest Map Page – LVCCW Level 1 Hall 1-201 (Octopus Game)

Octopus Game is an interactive, hands-on adventure designed to help attendees navigate the overwhelming scale of DEF CON with purpose. We specialize in bridging the gap between participants and the wider hacker community by transforming the conference floor into a collaborative quest. Players solve a series of cryptic puzzles and ciphers that act as reconnaissance, leading them to various villages and communities across the event. Unlike traditional competitions that keep players behind a screen, our game requires attendees to step outside their comfort zones, interact with experts, and discover specialized areas they might otherwise miss.

Attendees can expect to gain the confidence and social skills needed to network in a high-pressure environment while exploring the conference as a whole. We provide a “jump right in” experience with no prerequisites, ensuring that everyone, regardless of their technical level, has a clear starting point to build their crew and find their place in the community. By turning the act of conference exploration into an immersive story, we encourage the lateral thinking and curiosity that defines the hacker mindset. Participants won’t just walk away with points; they’ll leave with new professional connections and a deeper understanding of the entire DEF CON ecosystem.

#### Participant Prerequisites

To participate in Octopus Game, the only essential requirement is a smartphone, which is used for accessing digital clues and capturing photo evidence. While not strictly required, a laptop may be beneficial for solving certain digital puzzles. We also recommend bringing a notebook and pen to help track clues and decode ciphers as you move throughout the conference.

There are no specialized technical skills or prerequisites required to play. Our challenges are designed for true accessibility, allowing any attendee to “jump right in” regardless of their initial skill level. All you need is curiosity, a willingness to solve puzzles, and an interest in interacting with the various communities and villages across the event.

Links:
    Website – https://www.octopusgame.org/



OWASP Foundation CTF

Contest Map Page – LVCCW Level 1 Hall 4-1415 (OWASP Foundation)

Our OWASP creator group brings a hands-on, hacker-first approach to application security by combining offensive security techniques with real-world defensive engineering. Through an interactive Capture the Flag (CTF) environment built around open-source tools from the OWASP community, participants will learn how modern security practitioners discover, exploit, and ultimately fix vulnerabilities in real applications.

At the center of the experience is a deliberately vulnerable deployment of OWASP Juice Shop, one of the most widely used open-source training platforms for web application security. Attendees will interact directly with a live vulnerable application, identify weaknesses, exploit them to retrieve flags, and then move beyond exploitation by implementing secure patches.

What makes this experience different from traditional CTFs is that breaking the system is only half the challenge. Competitors will also need to demonstrate how to fix the vulnerability they exploited. After discovering a bug, participants will patch the code in a forked repository, document their remediation approach, and submit a pull request demonstrating how the issue should be properly resolved. Successful fixes unlock additional flags and points, rewarding both offensive skill and secure engineering practices.

This challenge reflects the reality of modern security work. In the real world, security professionals are expected not only to find vulnerabilities, but to collaborate with developers, explain the risk, and help ship secure fixes. Our CTF recreates that workflow in a fun and competitive environment where participants can experiment with both traditional application security techniques and modern AI-assisted analysis tools.

Participants who stop by our creator space will be able to: – Exploit real web application vulnerabilities in a safe environment – Learn common attack techniques used against modern web applications – Practice secure coding and vulnerability remediation – Submit real code fixes through Git-based workflows – Experiment with AI-assisted security analysis and remediation – Gain experience with open-source security tools from the OWASP ecosystem

Whether you are a seasoned penetration tester, a developer looking to understand how attackers think, or someone new to application security, this space offers a chance to break things, fix them, and learn how modern security teams actually operate.

By the end of the experience, participants will walk away with a deeper understanding of the full security lifecycle: identifying vulnerabilities, responsibly fixing them, and deploying secure solutions. Our goal is to show that hacking isn’t just about exploitation, it’s about understanding systems deeply enough to make them more secure.

#### Participant Prerequisites

Laptop, Github Account, basic understanding of Git workflow, understanding of OWASP best practices

Links:
    Website – https://ctf.owasp.org



Phish Stories

Contest

Phish Stories is a contest that combines the art of creative writing with the strategic challenge of social engineering, inviting participants to craft phishing emails that are both convincing and hilariously entertaining. It gives people at any level the chance to show off their skills in writing, social engineering, and humor to create a unique contest that allows for multiple ways to win. Writers, comedians, and Red-Teamers can all find a path to victory!

Participants are tasked with creating phishing emails targeting key staff of a fictional company. The goal is to produce emails that are not only convincing enough to prompt a click but also funny enough to entertain. Contestants must also provide a one-page backstory that gives the details of the approach and what happens after our unsuspecting staff member clicks on that link. Contestants receive background information on their targets to help craft their entries.

There are three winners in the contest: – The Ruler: Best overall combination of clickability and humor. – The Wizard: Best technical and clickable email. – The Jester: Funniest entry.

Links:
    Website – https://www.phishstories.org/



PhreakMe

Contest Map Page – LVCCW Level 1 Hall 1-210 (PhreakMe)

Ever wondered what hacking looked like in the golden age of phone phreaking? What about today? What can we learn about the old techniques that still plague our current infrastructure? The PhreakMe Capture the Flag brings you the classic art of telecom exploitation.

The Hacked Existence team is once again hosting a telecom based CTF. The CTF runs on real live VoIP lines routed through a modified asterisk PBX allowing participants to dial in to the CTF from anywhere in the world. This number is live 24/7 throughout DEFCON, allowing you to hunt the PBX for flags any time, day or night. Don’t have a phone? Come test your skills at one of our 5 payphones! Also there’s a BBS, hope you brought your modem!

All the flags are based around historically accurate tactics, techniques, and procedures to manipulate emulated old school switching systems.

The purpose of our contest is to bring awareness around the still existing weaknesses in our telecom infrastructure and Interactive Voice Response Systems. Ideally visitors to our contest area will participate in the CTF allowing them to get a better understanding of telecom hacking in the year 2026 as well as a respect for the art of phreaking from yesteryear.

Come test your skills, challenge your knowledge, and dive deep into the world of phreaks.

Hints: Read ‘The Cyberthief and the Samurai’ and ‘Masters of Deception: The Gang That Ruled Cyberspace’ for a leg up.

#### Participant Prerequisites

A phone, or access to a phone that can dial an american based phone number. The BBS will be both accessible from a modem and also ssh. Ideally people will read books like ‘The Cyberthief and the Samurai’ and ‘Masters of Deception: The Gang That Ruled Cyberspace’ and the Cult of the Dead Cow book.

Links:
    Website – https://phreakme.com/



Pinball High Score Contest

Contest Map Page – LVCCW Level 1 Hall 1-304 (Pinball High Score Contest)

The Pinball High Score contest at DEF CON 34 will run Friday and Saturday: 10:00-18:00, Sunday 10:00-13:00 with games available for daily High Score contests, daily challenges and open qualifying for a main tournament. The daily contests will allow any attendee to play pinball games and attempt to record a qualifying high score on each of the unique games. At 17:00 on Saturday main tournament qualifying will end, tiebreakers will be played (if needed) and the top 8 players with the highest combined scores across all eligible machines will qualify for the Sunday finals event where they could become the next DEF CON Pinball Champion!

Achieving a high score may sound simple but pinball rulesets are very complex and the skill to complete a “Wizard Mode” or achieve a high score requires research, practice, knowledge and execution. Out of the box thinking, analytical skills and pattern recognition are traits that pinball players must exhibit to be successful and some games have rule sets that can be studied and exploited to achieve a high score. Hackers are at an advantage here and while this is just a pinball contest, we expect that the community is ready for this challenge!

Last year the contest measured how you moved the machine. This year, we’re reading what happens inside it. Custom sensors feed SHELL, our Sub-surface Hidden Entertainment Layer Logic. When you unlock the right patterns, a hidden world appears on screens beneath the glass. Face off in secret mini-games, answer hacker trivia under pressure, and battle other players in competitive challenges where you can steal control mid-game. It’s pinball within pinball, a clandestine layer of gameplay that only reveals itself to those who can crack the SHELL.

#### Participant Prerequisites

Nothing special is required. Any person can step up and enjoy a pinball game or they can spend 30+ hours solving our challenges if they want to play the deeper game.

Links:
    Website – https://app.pinballhackers.com/



Pub Quiz at DEF CON

Contest Map Page – LVCCW Level 3 W327 (Misc Meeting Room)

When:  Friday, Aug 7, 13:00 – 14:59 PDT

We’re back with another Pub Quiz at DEF CON! After 4 very successful years hosting this event, we’ve made some improvements to make it even better. So… do you like pub quizzes? If so, get your butts over and join us for the 5th Pub Quiz at DEF CON 34.

The quiz will consist of 7 rounds, covering topics like ’90s/2000s TV and movies, DEF CON trivia, music, cartoons, and yes, a little bit of sex. The theme is all the things that make DEF CON attendees exceptional, so there will truly be something for everyone. Expect a mix of visual rounds, audio rounds, and classic con questions. We need to keep you peeps stimulated.

This is a social event, so we encourage teams of 5–6 people. You never know… you might even meet the love of your life.

Did we mention CASH? That’s right; cold, hard cash prizes for 1st, 2nd, and 3rd place teams. And as always, if there’s a tie, we’ll break it with a good old-fashioned dance-off, judged by the hosts and a few trusted goons.

Come for the trivia. Stay for the chaos.




Radio Frequency Capture the Flag

Contest Map Page – LVCCW Level 1 Hall 1-409 (Radio Frequency Village)

In this game capture the flag you will be presented with real configurations of real wireless and radio technologies to attack. Practice your skill and learn new ones from Radio Frequency IDentification (RFID) through Software Defined Radio (SDR) and up to Bluetooth and WiFi. There may even be Infrared, if you have the eye for it.

RF Hackers Sanctuary is once again holding the Radio Frequency Capture the Flag (RFCTF) at DEF CON 34. RFHS runs this game to teach security concepts and to give people a safe and legal way to practice attacks against new and old wireless technologies.

We cater to both those who are new to radio communications as well as to those who have been playing for a long time. We are looking for inexperienced players on up to the SIGINT secret squirrels to play our games. The RFCTF can be played with a little knowledge, a pen tester’s determination, and $0 to $$$$$ worth of special equipment. Our virtual RFCTF can be played completely remotely without needing any specialized equipment at all, just using your web browser! The key is to read the clues, determine the goal of each challenge, and have fun learning.

This game doesn’t let you sit still either, as there are numerous fox hunts, testing your skill in tracking various signals. If running around the conference looking for WiFi, Bluetooth, or even a Tire Pressure Monitoring System (TPMS) device sounds like fun, we are your source of a higher step count.

There will be clues everywhere, and we will provide periodic updates via discord and twitter. Make sure you pay attention to what’s happening at the RFCTF desk, #rfctf on our discord, and the interwebz, etc. If you have a question – ASK! We may or may not answer, at our discretion.

FOR THE NEW FOLKS

This contest is free and open to anyone and everyone. You can sign up and start playing any time during the conference. If you didn’t bring your wireless gear don’t worry, our virtual RFCTF environment is played over ssh or through a web browser. It may help to have additional tools installed on your local machine, but it is not required.

Read the presentations at: https://rfhackers.com/resources

Hybrid Fun

For DEF CON 34 we will be running in “Hybrid” mode. That means we will have both a physical presence AND the virtual game running simultaneously. All of the challenges we have perfected in the last 2 years in our virtual game will be up and running, available to anyone all over the world (including at the conference), entirely free. In addition to the virtual challenges, we will also have a large number of “in person” only challenges, which do require valid conference admission. These “in-person” only challenges will include our traditional fox hunts, hide and seeks, and king of the hill challenges. Additionally, we will have many challenges which we simply haven’t had time or ability to virtualize. Playing only the virtual game will severely limit the maximum available points which you can score, therefore don’t expect to place. If you play virtual only, consider the game an opportunity to learn, practice, hone your skills, and still get on the scoreboard for bragging rights. The virtual challenges which are available will have the same flags as the in-person challenges, allowing physical attendees the choice of hacking those challenges using either (or both) methods of access.

THE GAME

To score you will need to submit flags which will range from decoding transmissions in the spectrum, passphrases used to gain access to wireless access points, or even files located on servers. Once you capture the flag, submit it to the scoreboard right away, if you are confident it is correct. Flags worth more points for the early solves, so don’t sit on those flags. Offense and defense are fully in play by the participants, the RFCTF organizers, and the Conference itself. Play nice, and we might also play nice.

Who runs this thing?

RF Hackers Sanctuary is a group of all volunteers with expertise in radio security and various other related fields. We are the original creators of the WiFi Capture the Flag, Wireless Capture the Flag, and RF Capture the Flag. We are the original founders of the WiFi Village, Wireless Village, and RF Village. Often imitated, never duplicated, but you can have our code for free.

TL;DR

Getting started guide: https://github.com/rfhs/rfhs-wiki/wiki

Helpful files (in-brief, wordlist, resources) can be found at: https://github.com/rfhs/rfctf-files

Support tickets may be opened at https://github.com/rfhs/rfctf-support/issues

Our whole game is also open source and available at: https://github.com/rfhs/rfctf-container

Discord: https://discordapp.com/invite/JjPQhKy

Website: http://rfhackers.com – play with us

Github: https://github.com/rfhs

Official Support Ticketing System: https://github.com/rfhs/rfctf-support/issues

#### Participant Prerequisites

  • A minimum of a laptop with a web browser is required to join our game.
  • All manner of wireless gear may be helpful, but the virtual environment is available if traveling with your sdr collection is difficult.
Links:
    Website – https://rfhackers.com



Raitlin’s Challenge presented by the Illuminati Party®

Contest

Test your mental abilities with Raitlin’s Challenge, the Illuminati Party®’s sophisticated collection of abstract visual puzzles, presented annually at DEF CON for over a decade. This intellectually demanding competition pushes participants to their limits through exceedingly complex challenges that require mastery of diverse knowledge domains.

The challenge begins with an initial invitation puzzle that serves as a gateway to the main experience. Once solved, competitors continue to a carefully curated series of abstract visual puzzles presented in an artistically refined format on the dedicated website. Each puzzle solved yields a verification string for validation and progress tracking.

What sets Raitlin’s Challenge apart is its comprehensive scope, drawing upon principles from mathematics, science, engineering, technology, cryptography, protocols, algorithms, biology, chemistry, programming, and ancient history. While technical expertise, particularly in hacking, proves advantageous, the true challenge lies in applying abstract thinking across multiple disciplines.

The journey to completion varies significantly among participants, spanning anywhere from days to years. Unlike many competitive events, Raitlin’s Challenge remains perpetually available after DEF CON concludes, allowing determined solvers to pursue solutions at their own pace. Those who ultimately succeed earn recognition on the prestigious ledger of completions, joining an elite group of problem-solvers who have demonstrated exceptional intellectual versatility and persistence in unraveling the secrets of the Illuminati Party®.

#### Participant Prerequisites

Access to a web browser and Internet connection.

Links:
    Website – https://dc34.minervallux.com/



Reali7y Overrun

Contest Map Page – LVCCW Level 1 Hall 1-308 (Reali7y Overrun)

It’s hard to tell what’s real or not anymore. Deepfakes, AI, LLMs, Sora, unreliable sources of information, data spoofing… it’s too much for even the most informed to keep up with, let alone the 99% of us just trying to get by. We’re heading quickly to that precipice, close to that point of no return where those who control the money, the power, the GPUs, the energy grid, will control us all. Or worse: where the first artificial intelligences will manipulate us all… We’re nearing a memory buffer overflow, a glitch in the matrix, a

/`/$ REALI7Y OVERRUN $\’\

Teams will join an interactive multiplayer video game and follow the storyline to clues that will give them hints about who they can trust and who they can’t. The clues will follow the pattern of deepfakes and forgeries, asking players to figure out what’s real and what’s not, focusing on hacker and DefCon focus areas such as authentication, trust, social engineering, hardware and software manipulation and more. They will be given a rich story that will lead them to research the underlying issues in trust and anonymous trust systems. They will encounter challenges and tutorials on video and image validation and cryptographically safe messaging.

Links:
    Website – https://reali7y-over.run/



Red Team CTF

Contest Map Page – LVCCW Level 1 Hall 1-309 (Red Team Village)

The Red Team Capture the Flag (CTF) competition at DEFCON is a challenging and exciting event that tests the skills of participants in offensive security. The objective of the Red Team CTF is for teams to successfully complete challenges faced by Red Teams.

The Red Team CTF is designed to simulate real-world scenarios in which attackers attempt to penetrate the security of a network or system. Participants are expected to use a wide range of hacking techniques, tools, and skills to identify and exploit vulnerabilities in the target network.

Teams are typically composed of experienced hackers, penetration testers, and security researchers who have a deep understanding of the latest cybersecurity threats and attack techniques. They must work together to uncover and exploit vulnerabilities in the target network, while also evading detection and countermeasures put in place by the Blue Team.

The Red Team CTF at DEFCON is considered one of the most challenging and prestigious CTF competitions in the world, with participants coming from all over the globe to compete. It is a high-pressure, high-stakes event that tests the limits of participants’ technical and strategic abilities, and offers a unique opportunity to showcase their skills and knowledge in front of a global audience of Hackers.

#### Participant Prerequisites

Participants are required to bring a laptop with the ability to connect to DEFCON WiFi or other internet connection.

Links:
    Website – https://redteamvillage.io/



Social Engineering Community Vishing Competition (SECVC)

Contest Map Page – LVCCW Level 3 W317-319 (SEC Village)

In the Social Engineering Community Vishing Competition (#SECVC), competitors go head-to-head by placing live vishing (voice phishing) calls in front of a DEF CON audience. From a soundproof booth, teams attempt to achieve specific objectives by persuading employees at real organizations using carefully crafted pretexts, OSINT, and quick improvisation. Each team has a limited amount of time to place as many calls as possible, demonstrating how social engineering attacks unfold in real time and how easily trust can be leveraged to access sensitive information.

The competition highlights both the creativity and complexity of social engineering. Some calls succeed through charm, storytelling, and clever research, while others are quickly shut down by well-trained employees. For the audience, it provides a rare chance to see the human side of hacking in action. Attendees can observe the tactics competitors use, the defenses organizations rely on, and the unpredictable moments that occur when real people are involved.

Whether you’re an attacker, defender, security leader, or simply curious about the psychology behind hacking, the SECVC offers a unique opportunity to watch social engineering happen live and learn from both successes and failures. The competition takes place on Friday in the Social Engineering Community village, and seats fill quickly, so attendees are encouraged to arrive early to catch the action.

#### Participant Prerequisites

The SEC Vishing Competition competitors are selected in advance through a Call for Competitors process prior to DEF CON. Competitors should be familiar with basic social engineering concepts such as elicitation, pretext development, and OSINT research, as these skills are commonly used during the calls and the OSINT phase. No specialized hardware is required for competitors, as the competition infrastructure and calling environment are provided by the village.

#### Pre-Qualification

Yes. The Social Engineering Community Vishing Competition uses a Call for Competitors process prior to DEF CON. Interested teams apply through our website and provide information about their background, approach, and interest in participating. Teams are then selected by a rotating Call for Competitors review board made up of community members. Additional details and application information are published on our website when the call opens: https://www.se.community/vishing-competition/

Links:
    Website – https://www.se.community/vishing-competition/



spyVspy 3: Rat Race

Contest Map Page – LVCCW Level 1 Hall 1-206 (spyVspy 3: Rat Race)

spyVspy is back, and this year, you’re racing.

Embark on a thrilling espionage adventure with spyVspy 3: Rat Race! This contest imagines a world of spy games where contestants employ basic hacking, cryptography, and rogue skills to solve puzzles and uncover hidden caches strategically scattered throughout DEF CON (and beyond).

Challenges leading to the location of hidden caches will be released on a rolling schedule. By solving these challenges and being the first team to reach a cache, you will qualify for a final series of challenges on Saturday afternoon. Not the first? That’s okay – you’ll still have fun and earn cool spyVspy slabbed cards

spyVspy 3: Rat Race is intended for players of all skill levels. Whether you’re a seasoned double-agent or just learning to be a covert operative, you will be able to compete and have fun in this event. Whatever skills you think you’re missing can probably be learned on-the-job anyway.

#### Participant Prerequisites

A laptop would be great, but some puzzles may be solvable on a phone.

Links:
    Website – https://www.fottr.io



STARPWN (Aerospace Village CTF)

Contest Map Page – LVCCW Level 1 Hall 2-700 (Aerospace Village)

Want to try your hand at hacking satellites, spacecraft and ground control systems? Miss out on Hack-A-Sat? Want to explore the final frontier of cybersecurity? STARPWN is the official Aerospace Village space hacking CTF! Back door flight computers, trojan flight software, exploit CVE’s, reverse protocols, and more! During you space hacking journey, you’ll learn all about the environmental and operational constraints of space systems, how they affect cybersecurity posture and impact exploitability.

#### Participant Prerequisites

Participants will need a personal computer / laptop and an internet connection to play the CTF.

Links:
    Website – https://aerospacevillage.org
    Mastodon (@aerospacevillage@defcon.social) – @aerospacevillage@defcon.social
    Starpwn CTFd – https://starpwn.ctfd.io



TeleChallenge

Contest Map Page – LVCCW Level 1 Hall 1-107 (TeleChallenge)

The TeleChallenge isn’t just a puzzle challenge, it’s an experience. We are super excited to show the plan for the tenth year in a row. Don’t copy that floppy, but instead prepare to be immersed in an entirely new world where all of your hacker skills will be challenged (along with your 0xEA60 skills). This is a very tough contest to win, and is among the most challenging at DEF CON. Are you ready? Your first step is to find us, because part of the puzzle is discovering the puzzle.

#### Participant Prerequisites

You’ll need a phone, your creativity and some hacker friends. It also helps to have access to a computer. Use the TeleChallenge as an excuse to meet people and form a team.

#### Pre-Qualification

We may have team registration in advance, but there is no pre-qualifyer.

Links:
    Mastodon (@telechallenge@defcon.social) – https://defcon.social/@telechallenge
    Website – https://www.telechallenge.org



The EFF Benefit Poker Tournament

Contest

The EFF Benefit Poker Tournament is back for DEF CON 34! This is the hackers vs lawyers edition featuring Marcia Hofmann, Kurt Opsahl, and Cindy Cohn. Check back as we add more lawyers to the mix.

Your buy-in is paired with a donation to support EFF’s mission to protect online privacy and free expression for all.

Play for glory. Play for money. Play for the future of the web.

Seating is limited, so reserve your spot today.

#### Participant Prerequisites

21 and over. Pre-register as soon as possible to ensure your spot at the table at https://eff.org/poker; we sell out every year.

#### Pre-Qualification

No

Links:
    Website – https://eff.org
    Mastodon (@eff@mastodon.social) – https://mastodon.social/@eff



The Gold Bug (Crypto and Privacy Village Contest)

Contest Map Page – LVCCW Level 1 Hall 1-402 (The Gold Bug)

From Caesar to Vigenère, or DES to RSA, hackers have been making and breaking codes for thousands of years. If you love puzzles, this is the perfect opportunity to join this fine tradition and break some codes!

The Gold Bug is an annual puzzle hunt at DEF CON, focused on cryptography. While some puzzles will dig into substitution ciphers or more modern algorithms, others may test your logic and pattern recognition.

The Gold Bug is accessible to all, with some simpler puzzles for warmup or beginners (even kids!), and others that will require you to keep digging and wonder how deep the layers will go. Whether you want to hack on puzzles solo or with a team, join us at https://goldbug.cryptovillage.org to get started!

#### Participant Prerequisites

No prior experience or specific knowledge is required to participate in The Gold Bug. Participants will need to use a web browser to access the puzzles and submit answers. Puzzles may take such forms as images, PDF files, web pages, or multimedia files.

Links:
    Mastodon (@goldbug@defcon.social) – @goldbug@defcon.social
    Website – https://goldbug.cryptovillage.org/



The Pwnie Awards

Contest

The Pwnie Awards are the security industry’s annual ceremony recognizing the most notable vulnerabilities, research breakthroughs, and security failures of the past year. Previously a mainstay of Black Hat but now held each year at DEF CON to reach a broader audience, the Pwnies celebrate the researchers who uncover important flaws—and call attention to the mistakes that made those flaws possible.

The awards operate in the tradition of both academic recognition and hacker irreverence. Categories range from serious acknowledgments of groundbreaking vulnerability research to tongue-in-cheek recognition of the most spectacular security blunders. The tone may be humorous, but the purpose is serious: security improves when the community is willing to examine failures in the open.

The security industry does not always have a strong tradition of self-policing. The Pwnie Awards provide a forum where the community can acknowledge what went wrong, recognize the people who discovered it, and encourage vendors and organizations to do better next time. Many of the vulnerabilities recognized by the Pwnies have gone on to shape how security research is conducted and how software is built. In a few noteworthy cases, recipients of the Pwnie for Epic Fail have even delivered heartfelt acceptance speeches acknowledging their mistakes—helping redeem those organizations in the eyes of the community.

Attendees can expect a fast-paced awards ceremony announcing this year’s nominees and winners across multiple categories, highlighting some of the most interesting security discoveries and failures from the past year. The ceremony celebrates the work of security researchers while reminding everyone in the room why this field exists in the first place.

In short, the Pwnies embody a core hacker belief: progress comes from curiosity, transparency, and the willingness to learn from mistakes—even when those mistakes are embarrassing.

#### Participant Prerequisites

We will need playback support of Powerpoint and/or Google Slides with video segments to introduce each category and show the winner of each category.

#### Pre-Qualification

Nominations are submitted to the Pwnies technical committees for each award; final nominees for each category are announced no later than July 11, 2026, so that the wider judging organization may vote to determine awardees.

Links:
    Website – https://pwnies.com/



Tin Foil Hat Contest

Contest Map Page – LVCCW Level 1 Hall 1-403 (Tin Foil Hat Contest)

Want to protect your noggin from government mind control rays? Have you angered our new AI Overlords, and now need to hide? Maybe those alien brainwave blasters just have you feeling down lately? Or do you just want to do something fun and forget about the world’s woes for a while? Fear not, for we here at the Tin Foil Hat Contest have your back for all of these! Come find us in the contest area, and we’ll have you build a tin foil hat which is guaranteed to provide top quality protection for your cerebellum . How you ask? SCIENCE!

Show us your skills by building a tin foil hat to shield your subversive thoughts, then test it out for effectiveness.

There are 2 categories: stock and unlimited. The hat in each category that causes the most signal attenuation will receive the “”Substance”” award for that category. We all know that hacker culture is all about looking good though, so a single winner will be selected for “”Style””. We provide all contestants a meter of foil, but you’re welcome to acquire and use as much as you want from other sources.

This year is dedicated to our brother & contest creator, Flirzan. We’ll never forget drunkenly hashing this out on a napkin with you at DEFCON many years ago. Rest in peace, we miss you friend!

#### Participant Prerequisites

We supply the base materials to participate. Contestants are welcome to bring additional foil if they desire.




Um, ACKtually

Contest Map Page – LVCCW Level 1 Hall 1-100 (Contest Stage)

When:  Friday, Aug 7, 16:00 – 17:59 PDT

Um, ACKtually is returning for it’s 2nd year at DEF CON 34! If you’ve ever seen the popular Dropout TV game-show “Um, Actually”, then you know exactly who we stole this idea from.

Three contestants will compete for the Pedantic Hacker crown, providing corrections for (just barely) incorrect statements given by the hosts about everything from general technology, cyber security, and overall nerd culture. We will chum the waters of the question pool with red herrings and wrong turns while the sharks circle to be the first to answer “WELL, UM ACKTUALLY…”.

Um, ACKtually celebrates everything hacker culture was built on. Community knowledge share, deep subject matter expertise of niche topics, and an almost orgasmic feeling of superiority at correcting someone else’s mistakes, live and in public.




Untechnical

Contest Map Page – LVCCW Level 1 Hall 1-103 (Untechnical)

In the age of AI hacking is reclaiming itself as more a mindset than strictly technical skill. If you’re a DEFCON attendee that lack the technical skills to compete in traditional hacking challenges, but still love thinking outside the box: untechnical is for you.

Untechnical is a contest designed to rely 100% on lateral/abstract thinking without needing anything beyond an understanding of high school math.

#### Participant Prerequisites

Need to understand basic math and enjoy thinking outside the box. Oh, and you need an email address.

Links:
    Website – https://www.untechnical.app/



Venator Aurum

Contest

Venator Aurum is a puzzle-driven CTF adventure where your mind is your greatest weapon and every challenge tests the limits of your cybersecurity knowledge and critical thinking skills. Each cipher you decrypt, each puzzle you solve, each anomaly you uncover is part of a larger design. Hidden threads weave through the challenges, forming an overarching meta-puzzle, a carefully constructed labyrinth that only the most observant and clever hackers can escape. The deeper you go, the clearer the pattern becomes, until suddenly, everything connects.

Whether you’re brand new to cybersecurity or already sharpening your skills, Venator Aurum is built to challenge and teach in equal measure. You’ll explore cryptography, reverse engineering, hardware mysteries, and mind-bending logic puzzles – all crafted to reward creativity, persistence, and lateral thinking.

This is more than a competition – it’s a digital treasure hunt.

#### Participant Prerequisites

Laptop preferred but not required. Can use a smartphone. Only real requirement is willingness to think outside of the box from traditional CTF norms

Links:
    Website – https://venator-aurum.com/



Whose Slide Is It Anyway?

Contest

DEF CON 34 marks an entire DECADE of “Whose Slide Is It Anyway?”” being the unholy union of improv comedy, hacking, and slide deck sado-masochism. We are the embodiment of the hacker battle cry “”FUCK IT, WE’LL DO IT IN PROD.””

For the last 10 years, our team of slide monkeys have created a stupid amount of short slide decks on whatever nonsense tickles our fancies. Slides are not exclusive to technology, they can and will be about anything. Contestants will take the stage and choose a random number corresponding to a specific slide deck. They will then improvise a minimum 5 minute / maximum 10 minute lightning talk, becoming instant subject matter experts on whatever topic/stream of consciousness appears on the screen.

But….why?

Because for us, the stage is hallowed ground and since stupidity can’t be stopped, we decided to weaponize it. Whether you delight in the chaos of watching your fellow hackers squirm or would like to sacrifice yourself to the Contest Gods, it’s a night of schadenfreude for the whole family.

Links:
    Website – https://forum.defcon.org/node/233493