Git-based CTF: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition

Website Maintenance Alert

Due to scheduled maintenance on Wednesday, October 16, from 10:30 am to 4:30 pm Pacific Daylight Time (UTC -7), parts of the USENIX website (e.g., conference registration, user account changes) may not be available. We apologize for the inconvenience.

If you are trying to register for LISA19, please complete your registration before or after this time period.


SeongIl Wi, Jaeseung Choi, and Sang Kil Cha, KAIST


Security competitions, a.k.a., CTFs, have never been easy to run for a classroom teacher despite there being considerable body of research on these events. It is often frustrating for teachers to organize and administer such an event as doing so requires significant time and human resource investments. Creating new problems for every CTF is challenging as there are many factors to consider while developing a CTF problem such as the difficulty level of each challenge. In this paper, we propose a simple, but effective approach that we refer to as Git-based CTF to hosting an in-class attack-and-defense CTF contest while minimizing the operational costs for teachers. We share our experience and lessons learned by organizing a Git-based CTF in KAIST.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@inproceedings {219730,
author = {SeongIl Wi and Jaeseung Choi and Sang Kil Cha},
title = {Git-based {CTF}: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition},
booktitle = {2018 {USENIX} Workshop on Advances in Security Education ({ASE} 18)},
year = {2018},
address = {Baltimore, MD},
url = {},
publisher = {{USENIX} Association},
month = aug,