President's Cup Cybersecurity Competition VI

"Established in response to Executive Order 13870 , the President's Cup Cybersecurity Competition is a national cyber competition aiming to identify, recognize, and reward the best cybersecurity talent in the federal executive workforce. Hosting challenges from across the National Initiative for Cybersecurity Education (NICE) Cybersecurity Framework, competitors will face a diverse array of challenges and will require an extensive skill set to succeed."
- President's Cup VI

I am working with Ops Tech Alliance on developing security challenges for the President's Cup, Season 6. The entire repository of PCCC challenges and their solutions can be found on GitHub: https://github.com/cisagov/prescup-challenges

Below are the now publicly available challenges that I developed for the competition.

Round 2 Teams

Car-tastrophe
- My first challenge. It was inspired by a vulnerability discovered in the Nissan Leaf several years ago.
Finsta
- A straightforward web exploitation challenge. The challenge involves exploiting several vulnerabilities on a fake social media site.

Finals Teams

Weak Web Warnings
- A web challenge using simple vulnerabilities, but with small caveats that add a lot of complexity. Includes SQL Identifier Injection!

Finals Individuals A

The Modfather
- An ICS challenge that tasks you with using an OPC UA server to defend several Modbus devices

Finals Individuals B

Kessel Run
- A Star Wars-themed challenge that tasks you with creating a novel multi-layer HTTP smuggling attack.
va_list Adventure
- A small choose-your-own adventure game written in C. Vulnerable to a buffer overflow attack that allows you to corrupt the va_list struct.

Page updated

Google Sites

Report abuse

President's Cup Cybersecurity Competition VI​

Round 2 Teams

Finals Teams

Finals Individuals A

Finals Individuals B

President's Cup Cybersecurity Competition VI