HITB-WGMY GSEC Capture the Flag

Registration Closed


This year, HITB-WGMY GSEC CTF will be co-organized by WARGAMES.MY League from Malaysia! A Jeopardy Style CTF Competition is planned for the 29th and 30th of August alongside the conference. The competition will be hosted on-site, utilizing the WGMY Platform developed by WARGAMES.MY. A maximum of 20 teams (with no more than 3 players per team) will be competing for the grand prize over the 2 days of the game (Day 1: 10:00SGT to 18:00SGT, Day 2: 10:00SGT to 16:00SGT). The contest will be hosted in the FREE TO ACCESS CommSec area of the conference, therefore you do not need to be a paid conference delegate in order to compete.


The Jeopardy-Style HITB-WGMY GSEC CTF will use a dynamic scoring model. For starters, each team will be provided with 3 randomly given challenges. Each challenge will start at 500 points and will be dynamically adjusted by the “dynamic scoring system” based on the number of solvers. Let’s say one challenge has been solved by team A, they will get full 500 points. Then, if team B solves the same challenge, the 500 points will be shared between the two teams and resulted in 250 points on each team.

A new challenge will be randomly released for every solved challenge. If any team wants a new challenge beforehand, they need to buy it on the “Challenge Market” – prices range from full price (100 points) for unsolved challenges to half price (50 points) for solved challenges. After 3 hours of non-activity on the scoreboard, the organizer will provide one challenge randomly for free to each team. This is to prevent a stagnant game.

All transactions considered as final and non-refundable. At the end of the competition, the team with the most points will be crowned as the winner. In case of multiple teams with equal scores, the team that reached the score earlier will ranks higher.

P/S: The CTF network will be isolated from the rest of the conference network, and we will NOT provide internet access. However, you are free to use the HITB conference wireless network or get your own dedicated internet.

Registered Teams

  1. z3r0_n1ght (Vietnam)

  2. PDKT (Indonesia)

  3. MP_Underlords (Vietnam)

  4. one (Vietnam)

  5. T0X1C V4P0R (Singapore)

  6. Cloud9 (Malaysia)

  7. hackers_in_town (India)

  8. ISITDTU (Vietnam)

  9. HCL Team (Vietnam)

  10. chicken RCE (Singapore)

  11. Brutal_Cupcake (Singapore)

  12. f3rn (Malaysia)

  13. Ice Bear Reprise (Singapore)

  14. efiens (Vietnam)

  15. team_crayons (Singapore)

  16. PetCatGetFlag (Malaysia)

  17. BlueKeep (Malaysia)

  18. A68 (Vietnam)

  19. ambuyat.io (Brunei)

  20. SKR (Malaysia)


1st place team will be flown to HITB⁺CyberWeek to compete in HITB PRO CTF


CTF Main Sponsor & Prize Sponsor


Things to Bring (for on-site teams)

  • Laptops
  • Network cables
  • Extra power sockets/power gangs.
  • (optional) 4G Router for your own dedicated Internet access


We try hard to keep the competition as free and exciting as possible; however, we do require teams to adhere to a few simple rules:

  • Show up on time or you’ll miss the briefing
  • No cooperation between teams with independent accounts. Sharing of flags or providing revealing hints to other teams is cheating, don’t do it.
  • No off-the-shelf automated scanning tools such as Nessus, OpenVAS, etc. It’s useless and we’ll kick you out for being lame
  • No attacking the competition infrastructure. If bugs or vulns are found, please alert the competition organizers immediately
  • Absolutely no sabotaging of other competing teams, or in any way hindering their independent progress.
  • No brute forcing of challenge flag/keys against the scoring server
  • DoSing the CTF platform or any of the challenges is forbidden
  • All participants must obey to PIT STOP calls. PIT STOP calls are rest intervals where all the players must leave the CTF area to facilitate for the CTF Crew to perform maintenance work. Teams who don’t adhere to the rules will be penalized or disqualified from the competition.

Final Organizers




Questions? Send them to overlord@wargames.my