HSCTF 4 is here! Ending on Saturday at Noon EST!

HSCTF is an international online hacking competition designed to educate high schoolers in computer science.
Teams of up to 5 students will be challenged to....

Crack Codes

Reverse Engineer

Design Algorithms

Master The Internet



About $1000 distributed to the top 3 teams, and medals/trophies and t-shirts for the top 10 teams

What is a CTF?

CTF stands for "Capture the Flag". CTFs are a type of computer security competition (but HSCTF extends beyond computer security to include other areas of computer science). Certain pieces of information, called "flags", are placed on servers, encrypted, hidden, or otherwise stored somewhere difficult to access. During the competition, different challenges are released which allow the participants to reverse engineer, break, hack, decrypt, and do whatever it takes to capture that flag. When a team submits this flag to a scoring page, they will get points.

What is HSCTF?

HSCTF ("High School Capture the Flag") is the first CTF designed by high schoolers for high schoolers.

Unlike other CTFs, HSCTF isn't purely about computer security. It extends the CTF model of competition to other areas of computer science such as the design and analysis of algorithms and programming languages. Each challenge will still have a flag, and most of our challenges will fall into the traditional CTF categories of cryptography, reverse engineering, programming languages, forensics, and recon.

Capture the Flag (CTF) competitions are traditionally targeted at college students or industry professionals. HSCTF is a CTF designed for younger students who might be interested in computer science.

Our primary goals are to educate students in computer science, and to increase their interest in computer science.

Who can compete?

The competition is open to middle school and high school (6th to 12th grade) students from the United States. Teams can be composed of 5 or fewer students.

There will be a non-competitive division for all participating teams who are disqualified by the above rules.


We love computer science and CTFs. Competing in CTFs is one of our favorite things to do; unfortunately, there aren't many CTFs out there for high schoolers. We found that we learned a lot about computer security very quickly by particating in CTFs. HSCTF will teach participants about other areas of computer science as well. HSCTF is meant to follow up on the success of picoCTF.


HSCTF will take place entirely online at this website. Once the competition starts, teams will be able to log in and view the challenges using the team name and password provided at registration, which will be open throughout the competition. Participants may find it useful to have the ability to install software and have unfiltered internet access.


May 20th to May 27th 2017

Will it be difficult?

Challenges will vary widely in difficulty. We expect some challenges to be solved by every team, and others to be solved by only a few teams or even none. Teams should be potentially capable of performing very well in this competition with no CTF experience. We hope HSCTF will be a fun, educational experience for all competitors.

What resources do I need to compete?

Full participation in the competition requires only a computer with a modern web browser (Firefox, Chrome, Opera, Safari, Internet Explorer 9+, etc.) and the ability to install applications.

How is it scored?

There will be several dozen challenges, each worth a fixed number of points based on its difficulty. When you solve a problem, you send your answer (or 'key', or 'flag') to a scoring server, which adds the problem's value to your team's score. At the end of the competition the team(s) with the highest scores are the winners. Time will be used as a tiebreaker.

What constitutes cheating?

Partipants in HSCTF must abide by a few common sense rules that ensure the competition is fair. These rules are copied from picoCTF's FAQ: Attacking the scoring server, other teams, or machines not explicitly designated as targets is cheating. This includes both breaking into such machines and denying others access to them (for example, by altering a key or ping-flooding). Sharing keys or providing overly-revealing hints with other teams is cheating, as is being directly assisted by personnel outside the team (using tools from the internet is OK; asking people on the internet to help you solve the problem is not). We encourage you to solve problems in novel and creative ways using all available resources, but we do require that you solve them yourselves.

Who is running HSCTF?

HSCTF is organized by students at West Windsor-Plainsboro High School North in New Jersey as part of its computer science club. HSCTF is lead by President Sammy Berger (12th grade), along with a team of dedicated helpers. The founders were Jacob Edelman, Alok Tripathy, Ben Edelman, Aaron Weiss, Ernest Chiu, and Aaron Berger.

Are there any related competitions?

Yes! Look at picoCTF, run by Carnegie Mellon University, and the qualification round of CSAW CTF, run by the New York University Polytechnic School of Engineering. We had a great time participating in both competitions. CSAW CTF is designed for undergraduate students, not high schoolers, but there is a high school division and the challenges are introductory.

USACO is a competition that includes algorithm problems.


Find our practice problems here.

Other Sample Challenges

Find the hidden flag for each challenge (solutions forthcoming)!


65 63 7a 76 6a 63 62 75 20 63 7a 20 71 6a 67 69 6d 77 7a 76 20 6c 6a 6d 20 65 63 70 74 2e 20 71 71 63 20 76 66 67 61 71 20 66 71 66 20 6f 20 73 64 67 66 20 72 71 70 2c 20 65 78 66 65 6d 20 76 76 75 68 20 75 71 6c 67 20 6b 6d 68 20 66 71 62 20 67 6f 65 6e 20 6c 71 20 6a 74 73 6d 7a 2e 20 61 20 63 75 20 6b 61 62 67 77 75 61 67 72 20 66 77 73 76 20 67 71 69 20 69 74 6a 67 20 69 64 7a 71 20 69 67 20 75 77 6e 6a 71 20 69 7a 6b 61 20 63 62 70 20 6e 67 77 20 6c 67 67 71 67 6e 67 20 62 6a 73 20 64 74 6f 63 7a 66 2c 20 6b 74 78 75 6a 20 71 75 20 68 74 74 20 73 70 61 79 73 64 20 69 67 20 76 70 67 20 64 64 64 74 6e 6d 6f 2e 20 68 74 74 20 63 67 67 20 6b 67 20 75 72 73 70 6a 74 33 6f 77 72 30 76 33 75 2e

Reverse Engineering

import java.util.Scanner;

public class SuperSecure {
  public static void main(String[] args) {
    Scanner in = new Scanner(System.in);
    String input = in.next();
    if(input.length() != 10) {
      System.out.println("LOL no");
    String changed = change(input);
    if(changed.equals("fvbl}bf334")) {
      System.out.println("The flag is: " + input);
    } else {
      System.out.println("LOL no");
   private static String change(String s) {
    char[] temp = new char[10];
    for(int i = 0; i < s.length(); i++) {
      temp[i] = (char)(s.charAt(i) + 3);
    return new String(temp);


recon image
Contact Us


[email protected]
[email protected]
[email protected]