Offical URL: https://ctf.bsidessf.net/

The BSidesSF CTF will be kicking off at 4:00pm PDT 04/25/2025 and will run until 4:00pm PDT 04/27/2025. You can register to play at https://ctf.bsidessf.net/register. We have Crypto, Forensics, Web, Mobile and Pwn challenges spread across all difficulty levels.

If you are new to playing CTFs and would like to find folks to play with, check out the "find-a-team" channel on our [Discord](https://discord.gg/QxFf8crUPw).

If you are planning to attend BSidesSF in person, you can play our onsite challenges that involve QR codes and lock-picking when the main con kicks off on Saturday (04/26/2025).

Teams must be onsite to be eligible for prizes, 1 Amazon gift card per team -

* 1st prize - 1500$

* 2nd prize - 750$

* 3rd prize - 250$

Looking forward to watching you solve our challenges! Good luck and have fun!

no logo

CTF events

NameWeight
BSidesSF 2025 CTF25.00
BSidesSF 2024 CTF0.00
BSidesSF CTF 202335.00
BSidesSF 2022 CTF23.94
BSidesSF 2021 CTF23.94
BSidesSF 2020 CTF25.00
BSidesSF 2019 CTF25.00
BSidesSF CTF 20180.00
Related tags: web pwn xss php trivia crypto stego rop sqli hacking forensics base64 android python pcap xor rsa z3 bruteforce c++ reverse engineering forensic urlencode programming c engineering aes exploitation misc pwnable re mobile joy exploit steganography nothing networking injection shell bash packet analysis algorithms format-string ai stuff network guessing libc network hacking game linux all tetris sqlinjection lfi kali easy socket bitflipping miscellaneous caesar csrf blind rev dtmf servers systems rever nmap beginner enumeration csp webshell code-analysis baby shellcode pwntools - ajax decompile decryption hashcat cloud ciphertexts rsa-crypto dos apktools cookies ssti web200 osint aes-cbc stack_overflow blockchain reversing cryptography-rsa owasp websocket hex vulnerability crytography memory cbc curves luks heap-overflow ecc cryptanalysis python3 c cryptography knapsack lll reverse ecb csaw heap binary call for food proxy cookie video scanning stackoverflow csp-bypass search sse cssinjection url_parse mersenne urldecode python-exploitation kubernetes pohlig-hellman cve ritsec scraping randomness xxe __free_hook tcache-poisoning inspect-element johntheripper masterkey tcache_perthread_struct stack-buffer-overflow zaj 101 canary gcp codereview devsecops industrial beginner_friendly tamilctf ☆☆☆☆☆ location on-site