HackerOne

Creating a CTF: The Success of Flag Hunt Bangladesh

Flag Hunt Banner

Remonsec shares how online challenges with fellow hackers turned into a massive event


About the CTF 

Flag Hunt 2022 CTF was the first ever two-stage event in Bangladesh, where the qualification round took place online among 159 teams and 30 finalist teams participated onsite. Under the banner of CTF Community Bangladesh, a management team of various security specialists from the infosec community oversaw the event. The top teams would compete for monetary prizes, course vouchers, and swag items! 

flag hunt winners


Flag Hunt Winning Teams



Who are the creators/founders of the CTF? 

 In 2019 Amir Hamza (mr_vill4in) posted a challenge online that Remon (remonsec) solved and shared with his fellow researchers. After sharing, Antu (0xAntu), Tasdir (tasdir_x ), Rasel (Mdrasel1230), and Rahat (binsec01) became involved by posting various CTF challenges that others could solve. This trend of CTF development became the catalyst for the formation of CTF Community of Bangladesh. In our yearly event, we receive fantastic support from researchers like Rayhan (Rayhan0x01), Tahsin (SMHTahsin33), and many more. We want to thank everyone who helped us to become what we are now.

What inspired you to create this CTF? 

We enjoyed participating in international CTFs, such as the H@cktivityCon CTF by HackerOne and NahamCon CTF (with another CTF scheduled for December 17th). They inspired us to create an event like this on a national level to encourage more hackers to join cybersecurity and grow the local community more. 

Flag Hunt Community


Flag Hunt Group Photo



What challenges did hackers get to solve? How many challenges were there? 

The challenges solved by the hackers were all built to simulate real-world cybersecurity scenarios. The challenge categories included web, forensics, mobile, binary exploitations, crypto, and OSINT. There were 35 challenges in the qualification round and another 25 in the finals. 

How much time went into planning this event? 

It took two months to plan and organize this event. In the end, the CTF was a success with the determined efforts of bug bounty hunters, security engineers, and a handful of volunteers from the community. The meetings we held collectively pushed an idea into reality. 

Flag Hunt from above


Flag Hunt Teams in Action 



What advice do you have for people running events like these? 

We should remember that mistakes are bound to happen while organizing events like this. But we can learn from those mistakes and make them better each year.

I learned that clear communication is integral when hosting live events! One miscommunication can lead to a snowball effect of confusion. It happened to our internal team at one point. We learned that it is essential for everyone to be clear on their roles and to be able to follow the lead. This stability will lead teams to align and make the right moves.

How did HackerOne get involved/support the event? 

We have seen HackerOne organize CTF events, and they always support the events that help the community grow. The local community had direct communication with HackerOne via their brand ambassador program. We thank HackerOne for supporting this event by sponsoring us!
Flag hunt sign-in


HackerOne Sitting Front and Center at Flag Hunt CTF


 

The Ultimate Guide to Managing Ethical and Security Risks in AI

AI Ebook