We don't want to have to enforce restrictions on you, but there are a few things we would like to politely ask you not to do:

  1. Please do not attack the competition infrastructure or other players. The challenges are your targets. That's it.
  2. You do not need to use automated scanners like sqlmap, DirBuster, nmap, Metasploit, nikto or others. Please do not use them against the challenges.
  3. Please do not brute-force flags.
  4. Please do not share flags with other players, or explicitly and deliberately cheat.
  5. Please do not blatantly ask for hints. The proper to way to ask for help is to explain what you have tried and showcase(in a direct message) what errors or output you may have.
Flag Format

Flags for this competition will follow the format: flag\{[0-9a-f]{32}\}. That means a `flag{}` wrapper with what looks like an MD5 hash inside the curly braces. If you look closely, you can even find a flag on this page!


For admin support in the case of any technical issues, please join the NahamSec Discord server:

You should find a #ctf-general channel in the NahamCon 2024 category and direct your questions there. When your question requires discussing a specific challenge, please direct message one of the challenge authors as noted in the challenge description.


Patchstack Logo Zoom
YesWeHack Flare Snyk
blank_space HackingHub Intigriti paranoids pentesttools plextrac blank_space