HKCERT Capture the Flag Challenge 2025

The "HKCERT Capture The Flag 2025," organized by the Digital Policy Office (DPO), the Hong Kong Productivity Council (HKPC) and the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT), is now in its sixth edition and one of the largest cybersecurity contests in Hong Kong.

In recent years, cybersecurity has become one of the most in-demand and talent-scarce areas in the information technology sector. Positions such as "Penetration Tester," "Ethical Hacker," and "Red Team Operator" require in-depth knowledge in programming, cryptography, and network application systems.

Capture The Flag (CTF) contests are specifically designed to train the relevant mindset and technical skills. It includes four categories: Secondary School, Tertiary Institution, Open Category, and International Category. Participants must identify hidden vulnerabilities in environments modelled after real systems to breach security and capture "flags" to earn points.

These events are held globally to enhance security capabilities, with some even featuring world rankings to determine the best in the world.

In addition to the contest, the event offers various workshops and sharing sessions. Through these TechEd activities, students can improve their skills, while professionals can test their abilities and join global ethical hacker communities to deepen their expertise in cybersecurity.

Last year, the event attracted over a thousand participants, new formats have been added this year, it will be an exciting experience!

Release Date: 12 Nov 2025

Date:12 Nov 2025 - 6 Feb 2026

Organizer: Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT)
Hong Kong Productivity Council (HKPC)

Join now and get ready for the challenge!

CTF Contest Information

Registration Link

https://forms.hkcert.org/hkcertctf2025

Registration Deadline

The application deadline is 14 December 2025 (The Applicant’s registration will not be considered after the deadline)

Enquiry

Please contact our Ms Tracy Choy at +852 2788 5884 or [email protected].

“HKCERT Capture the Flag Challenge 2025” Award List

Awards	School / Team name
Secondary School Category
Gold Award	Sing Yin Secondary School
Silver Award	St. Louis School
Bronze Award	Diocesan Boys’ School
Best School Award	Sing Yin Secondary School
Tertiary Institution Category
Gold Award	Capture the Failures
Silver Award	icebird
Bronze Award	NuttyShell
Open Category
Gold Award	NuttyShell Purple
Silver Award	EICS1
Bronze Award	O1984 – Black Banana
Overseas Category
Gold Award	W&M
Silver Award	ChinaTelecom CyberSecurity Team
Bronze Award	AAA

ORGANISERS

CO-ORGANISERS

Partner

FULLY SUPPORTED BY

SUPPORTING ORGANISATIONS (In arbitrary Order)

Resources

Workshop 1 (2025) Recording

Content

1. Web: These involve hacking websites using common vulnerabilities like SQL injection and cross-site scripting (XSS).

2. Misc: This includes forensics, steganography, and other unique programming challenges.

3. Cryptography: Attack cryptosystems, which may involve encryption, decryption, and cryptanalysis.

Download Material

Web

Misc

Cryptography

Workshop 2 (2025) Recording

Content

1. Reverse Engineering: These involves analyzing a system to understand its components and functionality. It's used for software analysis, security research, and product development.

2. Pwn: This refers to exploiting software vulnerabilities to gain unauthorised access or control. It's used in CTF competitions, security testing, and malware development.

Download Material

Reverse Engineering

Pwn