OPEN SOURCE INTELLIGENCE CAPTURE THE FLAG
In the OSINT CTF, contestants are expected to obtain flags (pieces of information) about their targets (real humans of our choosing). Unlike most CTFs, you do not need a technical background to win -- just the Internet stalking skills of a scorned ex.
OSINT is about gathering freely available information. Under no circumstances should any of our volunteer “targets” feel victimized by the participants in this CTF. This contest focuses on the information-gathering skills of the contestant. Our goal as sponsors is to raise awareness about the vast amount of information shared by people and how this information can be used in a social engineering attack. Therefore, the following rules must be followed:
No paid search services can be used. All teams must be able to provide a URL for each flag submission upon requestion. We will spot check the winning teams and disqualify any source URLs that cannot be verified without requiring authentication beyond a generic LinkedIn, Spokeo, Twitter, Jigsaw, Flickr, Pastebin, shodan, or Facebook account that has no connection with any of the targets.
Teams are not allowed to call, email, or elicit information from the targets in ANY way.
CG Silvers Consulting reserves the right to disqualify any team that uses unethical means or disregards the intent of the contest.
Format does matter. Please read carefully and take note of the format for each flag.
Read instructions for each individual event, as some guidelines change with each contest (e.g., number of guesses).
At least one member of each team must be present at the awards presentation to win (see schedule below).
Upcoming OSINT CTFs
The OSINT CTF will be played Friday, September 17, 10-2 local time.
Time and space permitting, a panel of winners to discuss OSINT techniques will follow the contest.
Please check back often for an updated schedule, and let us know if you'd like to bring the OSINT CTF to a conference or event near you!
Below are some of the cool prizes that have been awarded at previous cons: