Offical URL: https://ctf.bsidessf.net/

The BSidesSF CTF will be kicking off at 2026-03-20 16:00:00 PDT (2026-03-20 23:00:00 UTC and will run until 2026-03-22 16:00:00 PDT (2026-03-22 23:00:00 UTC). You can register to play at https://ctf.bsidessf.net/register. We have Crypto, Forensics, Web, Mobile and Pwn challenges spread across all difficulty levels.

If you are new to playing CTFs and would like to find folks to play with, check out the "find-a-team" channel on our [Discord](https://discord.gg/dCFQ5XAaQC).

If you are planning to attend BSidesSF in person, you can play our onsite challenges that involve QR codes and lock-picking when the main con kicks off on Saturday (04/26/2025).

Teams must be onsite to be eligible for prizes, 1 Amazon gift card per team -

* 1st prize - 1500$

* 2nd prize - 750$

* 3rd prize - 250$

Looking forward to watching you solve our challenges! Good luck and have fun!

* Start: 2026-03-20 16:00:00 PDT (2026-03-20 23:00:00 UTC)
* Stop: 2026-03-22 16:00:00 PDT (2026-03-22 23:00:00 UTC)

no logo

CTF events

NameWeight
BSidesSF CTF 202625.00
BSidesSF 2025 CTF25.00
BSidesSF 2024 CTF0.00
BSidesSF CTF 202335.00
BSidesSF 2022 CTF23.94
BSidesSF 2021 CTF23.94
BSidesSF 2020 CTF25.00
BSidesSF 2019 CTF25.00
BSidesSF CTF 20180.00
Related tags: web pwn xss php trivia crypto stego rop sqli forensics base64 android python pcap xor rsa z3 bruteforce urlencode aes exploitation misc pwnable re mobile joy exploit steganography programming c c++ reverse engineering hacking nothing networking injection engineering shell bash packet analysis algorithms ai stuff network guessing libc network hacking game linux all tetris sqlinjection lfi socket miscellaneous caesar csrf blind servers systems nmap enumeration code-analysis shellcode pwntools ajax decryption hashcat cloud ciphertexts dos cookies owasp hex vulnerability crytography cbc luks cryptanalysis knapsack lll ecb heap call for food proxy cookie video scanning c reverse cryptography heap-overflow reversing dtmf rev easy kali forensic binary - ecc curves rever memory websocket cryptography-rsa aes-cbc osint web200 ssti apktools rsa-crypto webshell csp beginner bitflipping format-string csaw blockchain decompile baby python3 stack_overflow stackoverflow csp-bypass search sse cssinjection url_parse mersenne urldecode python-exploitation kubernetes pohlig-hellman cve ritsec scraping randomness xxe __free_hook tcache-poisoning inspect-element johntheripper masterkey tcache_perthread_struct stack-buffer-overflow zaj 101 canary gcp codereview devsecops industrial beginner_friendly tamilctf ☆☆☆☆☆ location on-site