First Place
mixy1
🇲🇹 Malta
Second Place
ENDPOINTLISTADDR
🇩🇪 Senior
Third Place
Pepe
🇩🇪 Senior
Caution
Web
Authentication Service System v4.5.5 Enterprise Edition: Providing a firm foundation for your backend security
Just a simple enterprise-ready database REST API.
Our knowledge base is now ready for the AI age! We're using this new shiny embedding vector database for it, so there should be no way to exploit our app, right?
Dino Bank has setup a test server so e-banking is going to be less painful when going prod!
DinOData gives developers instant access to rich, structured dinosaur data through a fast, modern interface.
You've never touched web hacking before? Learn what happens when you hit Enter in your browser's address bar.
Now that you have a rough grasp on the basics, take a closer look at HTTP request manipulation with ZAP.
Reverse Engineering
Just in Time to deliver a Crypto Rev challenge!
A harder reverse engineering challenge based around a gaming console from an earlier generation.
A reimplementation of part of the DRM behind Tinfoil, a homebrew application for the Nintendo Switch.
Roses are red, violets are blue, I hate computers and so should you.
A sleek Go backup tool saved product codes, books, payment card details, and maybe something more valuable.
A gentle introduction to reverse engineering x86_64 binaries on Linux.
The password is encoded and cannot be found in plaintext. Figure out the right password.
A mystical chart from a spell book might be cursed.
Pwn
Bootloaders and Image Parsers ...
Something's wrong with the brontosaurus powering Fred's car. Find the reset code for the Dino Control Unit.
A patched pwn challenge where the win function doesn't print the flag anymore.
Use a format string to write memory and get the flag.
You are in Qemu and the flag is outside. Remote debugging access is provided.
An Android app lets you excavate secrets buried at the bottom of the app.
Miscellaneous
Captured CAN signals from a device need to be decoded, even though the tooling may lie about the true data.
Welcome C#, do your magic.
..NETT hier. Aber waren Sie schonmal in `../`?
I wonder what this flag does, let's just turn it on.
A developer SaaS allows devs to run `strings` in the cloud.
Rules rules ...
Visualizing trends in species, eras, and discoveries of dinosaurs with Grafana.
Did you read the CSCG 2026 rules?
Cryptography
Encrypted dinosaur designs are uploaded so anyone can verify dinosaur-grade cryptography.
What is this non(c/s)ence everyonce is taking about?
A simple, but insecure MAC scheme protects user-controlled data.
Just guess the flag. If you don't, it makes me sat.
Look at this punky hash. Can you crack it?
A transcript of quantosaurus mating calls uses a post-quantum secure communication protocol known as RAWR.
The flag is embedded in one of the prime factors of the RSA modulus.
An impossible guessing game: guess correctly 25 times in a row to collect a prize.
Forensics
Learn a little bit about Wireshark, filters, protocols, and captured network traffic.
A hidden service was captured. Recover the secret order.
A ransomware variant messed up image files. Recover the image by understanding the file format.
Wireshark in monitor mode captured traffic while playing Super Mario Maker 2.
Game Hacking
