Indomitus CTF 2025: Premier Cybersecurity Competition

Competition Overview

Indomitus CTF 2025 was a premier cybersecurity competition held as part of PING 2025 at KEF Auditorium from March 28 to March 30, 2025. This intensive 48-hour offline Capture The Flag (CTF) competition brought together cybersecurity enthusiasts from leading institutions across India for an intense test of technical skills, problem-solving abilities, and teamwork under pressure.

Venue and Duration

• Location: KEF Auditorium, MIT Manipal
• Duration: 48 hours continuous competition
• Format: Offline team-based competition
• Dates: March 28-30, 2025

Participating Institutions

The competition attracted top talent from prestigious institutions including:

• MIT Manipal - Host institution
• MIT Bangalore - Sister institution
• PES University - Leading technical university
• Amrita University - Renowned for cybersecurity programs
• Jain University Bangalore - Strong computer science programs

Competition Statistics

• Total Teams: 20 offline teams
• Total Participants: Over 60 students
• Competition Domains: Multiple cybersecurity disciplines
• Prize Pool: ₹1,00,000 total in prizes

Competition Domains and Challenges

Web Security

• Web Application Security: Identifying and exploiting common web vulnerabilities
• OWASP Top 10: Practical implementation of security testing
• Injection Attacks: SQL injection, XSS, and command injection challenges
• Authentication Bypass: Breaking authentication and session management

Cryptography

• Classical Ciphers: Historical encryption techniques and their weaknesses
• Modern Cryptography: RSA, AES, and hash function challenges
• Cryptanalysis: Breaking encrypted messages and finding keys
• Digital Signatures: Understanding and exploiting signature schemes

Digital Forensics

• Memory Forensics: Analyzing memory dumps for evidence
• Network Forensics: Examining network traffic for malicious activity
• File System Analysis: Recovering deleted files and hidden data
• Steganography: Finding hidden messages in images and files

Reverse Engineering

• Binary Analysis: Disassembling and understanding executable files
• Malware Analysis: Identifying malicious software behavior
• Code Obfuscation: Defeating anti-analysis techniques
• Protocol Reverse Engineering: Understanding custom network protocols

Penetration Testing

• Network Penetration: Identifying and exploiting network vulnerabilities
• Privilege Escalation: Gaining higher system privileges
• Social Engineering: Human-based attack simulations
• Red Team Scenarios: Complex multi-stage attack simulations

Competition Format and Rules

Team Structure

• Teams comprised of 3-4 members
• Mixed skill levels encouraged to promote learning
• Cross-institutional team formation allowed
• Faculty mentors permitted for guidance

Challenge Design

• Realistic Scenarios: Challenges designed to simulate real-world cybersecurity incidents
• Progressive Difficulty: Easy to expert level challenges in each domain
• Creative Problem-Solving: Unique challenges requiring innovative approaches
• Time Pressure: Designed to test performance under stress

Scoring System

• Points awarded based on challenge difficulty and completion time
• Bonus points for creative solutions and detailed writeups
• Penalties for incorrect submissions in certain categories
• Real-time leaderboard updates throughout the competition

Competition Highlights

Opening Ceremony

• Welcome address by competition organizers
• Detailed briefing on rules and regulations
• Team introductions and networking session
• Access to private competition rooms for focused problem-solving

Technical Infrastructure

• Isolated Network Environment: Secure competition network setup
• Challenge Hosting: Robust infrastructure to handle multiple teams
• Monitoring Systems: Real-time performance and security monitoring
• Support Team: Technical support available throughout the competition

Learning Environment

• Knowledge Sharing: Encouraged collaboration and learning
• Mentorship: Industry professionals available for guidance
• Documentation: Teams encouraged to document their approaches
• Post-Competition Analysis: Detailed solution discussions

Prize Distribution

Top Three Teams

• 1st Place: ₹35,000
• 2nd Place: ₹25,000
• 3rd Place: ₹15,000

Recognition Awards

• Next Three Teams: ₹5,000 each
• Special Recognition: Outstanding performance in specific domains
• Innovation Awards: Most creative solution approaches

Skills Developed

Technical Competencies

• Vulnerability Assessment: Identifying security weaknesses in systems
• Exploit Development: Creating proof-of-concept exploits
• Incident Response: Responding to simulated security incidents
• Tool Proficiency: Mastering industry-standard security tools

Soft Skills

• Teamwork: Effective collaboration under pressure
• Time Management: Prioritizing tasks in time-constrained environments
• Problem-Solving: Creative approaches to complex technical challenges
• Communication: Documenting and presenting technical findings

Career Preparation

• Industry Exposure: Understanding real-world cybersecurity challenges
• Network Building: Connections with peers and industry professionals
• Portfolio Development: Practical experience for resumes and interviews
• Certification Preparation: Foundation for advanced cybersecurity certifications

Industry Relevance

Real-World Applications

The challenges were designed to mirror actual cybersecurity scenarios faced by organizations:

• Corporate Security: Protecting enterprise networks and data
• Critical Infrastructure: Securing power grids, transportation, and healthcare systems
• Financial Services: Protecting banking and payment systems
• Government Security: National cybersecurity challenges

Career Pathways

Participants gained insights into various cybersecurity career paths:

• Penetration Testing: Ethical hacking and security assessment
• Incident Response: Managing and recovering from security breaches
• Security Research: Developing new security technologies and techniques
• Compliance and Risk: Managing organizational security policies

Connection to PING 2025

Indomitus CTF 2025 perfectly complemented PING 2025's focus on cybersecurity and digital transformation. While the main event featured expert talks and workshops on cybersecurity trends, the CTF provided hands-on practical experience, allowing participants to apply theoretical knowledge in realistic scenarios.

The competition demonstrated the practical importance of cybersecurity skills in an increasingly digital world, aligning with PING 2025's mission to prepare students for the challenges of Industry 4.0 and beyond.

Legacy and Impact

Educational Impact

• Skill Development: Participants gained valuable hands-on cybersecurity experience
• Awareness Building: Increased understanding of cybersecurity importance
• Career Guidance: Exposure to cybersecurity career opportunities
• Network Formation: Long-lasting professional relationships formed

Institutional Benefits

• Reputation Building: Enhanced MIT Manipal's profile in cybersecurity education
• Industry Connections: Strengthened relationships with cybersecurity companies
• Student Engagement: Increased interest in cybersecurity among students
• Knowledge Exchange: Facilitated learning between institutions

Future Implications

Indomitus CTF 2025 established a new standard for cybersecurity competitions in India, demonstrating how academic institutions can create meaningful learning experiences that bridge theoretical knowledge with practical application. The competition's success paved the way for future events and collaborations in cybersecurity education.

The event's emphasis on ethical hacking, responsible disclosure, and collaborative learning reinforced the importance of developing cybersecurity professionals who can protect digital infrastructure while maintaining the highest ethical standards.