Capture the Flag
Break the Curse. Capture the Flag.
Year 13 at BSides Tampa. The CTF is where the curse gets broken. Twenty challenges. Five categories. One leaderboard that doesn't care about your luck.
What is a CTF?
Capture the Flag is a cybersecurity competition where you solve security challenges to find hidden “flags” (proof that you cracked the problem). Challenges span web exploitation, reverse engineering, cryptography, forensics, and pwn, with difficulty levels ranging from beginner to expert.
First CTF? The early problems were built for you. Find the Krewe and we'll point you at a starter challenge. Fiftieth? The late game is waiting. It won't be kind.
Challenge Domains
Five Categories. Twenty Flags.
Web Exploitation
SQL injection, XSS, authentication bypasses, and modern web app vulnerabilities.
Reverse Engineering
Binary analysis, disassembly, and understanding compiled code to find hidden flags.
Cryptography
Breaking ciphers, exploiting weak implementations, and classical crypto challenges.
Forensics
Disk images, memory dumps, network captures, and digital evidence analysis.
Pwn / Binary Exploitation
Buffer overflows, format strings, ROP chains, and low-level exploitation techniques.
“CTF was amazing. Made the entire day.”
- BSides Tampa 2025 participant
Since 2016
A Decade of Terminals and Flags.
Accessible to start, competitive to finish
Never done a CTF before? We try to make the early challenges approachable, and you'll find people willing to help you get started. But it ramps up. The later challenges are designed to test experienced competitors.
Solo or with a team. Prizes for top finishers. No salt shakers, no rabbit's feet, no four-leaf clovers. Just you, your terminal, and a leaderboard that doesn't care about your luck.
Lift the hex. Capture the flag. Break the curse.
CTF Lead
Trey Bilbrey
Questions about the CTF? Jump into our Discord and ask away. Our CTF Krewe and community are happy to help.