XpandCTF 2024
π‘οΈ XpandCTF β Highlights
Location: Dead Sea, Jordan
Date: May 11, 2024 (Finals)
Qualified Teams: Top 10 from Online Qualifiers
Duration: 6 hours
Format: Real-life Boot2Root – team-based attack simulation
Topics Covered: Full infrastructure compromise including Active Directory, Web, Pwn, Reverse Engineering, Forensics, OSINT, Privilege Escalation & Lateral Movement
Audience: University students & professionals
Total Prizes: $6,000
Access: Finals held onsite during Day 1 of XpandConf
βοΈ Finals Structure:
- π Each team received access to their own isolated vulnerable infrastructure
- π§ Teams had to gain root access, collect flags, and chain multiple vulnerabilities
- 𧩠Realistic environments to simulate penetration testing under pressure
- π Live scoreboard with continuous flag tracking and instance health checks
- β³ 6-hour race to fully compromise targets
π Top 4 Winning Teams:
| Place | Team Name | Prize |
|---|---|---|
| π₯ 1st | CBL X CarGeine | $2,500 |
| π₯ 2nd | PwnSec | $1,500 |
| π₯ 3rd | M0tH3r5h1p | $1,000 |
| π 4th | 0xL4ugh | $1,000 |
π― Purpose & Impact:
- Encourage red teaming, critical thinking, and post-exploitation skills
- Promote offensive security learning through real-world scenarios
- Engage & reward top cybersecurity talent across the region
- Bridge the gap between theory and practice