LATEST
Registration is now open! Only Prince Sultan University students can participate.
ACM/Cyber-Tech CTF 2.0
HACK THE CHALLENGE. CAPTURE THE FLAG.
11DAYS
:
10HOURS
:
49MINS
:
41SECS
CHALLENGE CATEGORIES
/CAT_CRYPTO
Cryptography
Crack ciphers and decode hidden messages.
/CAT_WEB
Web Security
Exploit vulnerabilities in web applications.
/CAT_FORENSICS
Digital Forensics
Analyze files and memory dumps to find traces.
/CAT_OSINT
OSINT
Gather intel from publicly available sources.
EVENT SCHEDULE
APR 19
Recon & Web Proxies
APR 20
Access Control
APR 21
Injection Attacks
APR 22
Broken Authentication
APR 23
API Exploitation & File Attacks
APR 25
ACM/Cyber-Tech CTF 2.0 Main Event
PREPARATION WORKSHOPS
DAY 1
Recon & Web Proxies
Apr 19
TBD
Laying the ground
Recon, proxies, disclosure, discovery
Capture traffic and uncover hidden endpoints
DAY 2
Access Control
Apr 20
TBD
Weak authentication and authorization
Sessions, access control, privilege bypasses
IDOR and parameter tampering challenge
DAY 3
Injection Attacks
Apr 21
TBD
Exploiting vulnerable input handling
SQLi, command injection, SSTI
Exploit SQLi to extract lab data
DAY 4
Broken Authentication
Apr 22
TBD
Attacking the user through the browser
Brute force, reset tokens, session handling
Reset-token brute force and session proof
DAY 5
API Exploitation & File Attacks
Apr 23
TBD
Going deeper with APIs and server-side flaws
API exploitation, file upload, LFI/RFI
API challenge and local-file read exploit
LEARNING RESOURCES
CHALLENGE CATEGORIES
BEGINNER
Cryptography
50–300 pts
INTERMEDIATE
Web Security
100–500 pts
INTERMEDIATE
Digital Forensics
100–400 pts
ADVANCED
OSINT
200–600 pts
PRACTICE PLATFORMS
picoCTF
Great for beginners
TryHackMe
Guided learning paths
HackTheBox
Advanced practice
COMPETITION RULES
1.No attacks against the competition infrastructure. Target only the designated challenge instances.
2.Do not share flags or solutions with other participants during the competition.
3.Brute-forcing forms or SSH is strictly prohibited unless explicitly stated in the challenge description.
4.Any violation of these rules or university code of conduct will result in immediate disqualification.
5.Have fun, learn, and collaborate with your team members!
FREQUENTLY ASKED QUESTIONS
Do I need prior hacking experience?
∨
No! We provide preparation workshops prior to the event to teach you the basics.
Who can participate?
∨
Only students from Prince Sultan University can participate.
Is it a team or individual competition?
∨
You can compete as an individual or in a team of up to 4 members.
What should I bring?
∨
Your laptop, a charger, and your university ID. We'll provide WiFi and everything else you need.
HAVE A QUESTION? EMAIL US
acm@psu.edu.saABOUT THE EVENT
ACM CTF 2.0 is the premier cybersecurity competition hosted jointly by the ACM Student Chapter and the Cyber-Tech Club at Prince Sultan University's College of Computer and Information Sciences (CCIS).
Designed to challenge students in practical offensive and defensive security scenarios, the event aims to foster a community of passionate cybersecurity enthusiasts in Riyadh and beyond.
This event was built through a close collaboration between the ACM Club and the Cyber-Tech Club, with each team contributing a distinct part of the experience.
ACM Club
Together
Cyber-Tech Club
ACM Club
- Organized the event from end to end and created the cryptography challenges.
- Funded the prizes for the competition.
- Handled approvals, professor coordination, and the event website.
Cyber-Tech Club
- Designed the challenges.
- Wrote the workshop content.
- Facilitated the workshops.
The presidents of both clubs also played a shared role in facilitating communication and keeping coordination smooth between the two teams.
ORGANIZING TEAM
SA
Shoug Alomran
ACM Club
Liaison and Website Developer
SA
Sultan Alharbi
Cyber-Tech Club
Cyber Tech President
YH
Yawar Hayat
ACM Club
ACM President
TA
Turki Alhussain
Cyber-Tech Club
Challenge Designer
FA
Faisal Aldabesh
Cyber-Tech Club
Workshop Writer