Penetration Testing Encyclopedia

In this competition, you will receive access to only one target. Sounds easy, right? Not so fast, this lab is designed for people interested in a penetration testing career and contains lots of vulnerabilities.

Can you spot them all? We can promise you a journey full of excitement and vulnerabilities that you will probably find over the years in your career.

You should set your goal to find as many issues as possible. We know of at least 15-25 vulnerabilities. 🙂

Goal of the Competition

/ Perform full penetration testing against this service.

/ Find as many vulnerabilities as you can and report them in the expected format. To give you an idea, the app has around 15 – 25 vulnerabilities (that we are aware of). 

/ Submit answers/flags whenever you find them.

/ Submit a write-up like a professional penetration tester does


/ You will receive one or more challenges at the start of the competition

/ From the 3rd day you can also ask for help on the official Discord Channel

/ The exercises are designed to take less than 3 hours to solve

Rules of Engagement

/ This competition is part of DefCamp’s Hacking Village 2021 activity series. You need to have a valid DefCamp ticket

/ Teams can have only one member.

/ No DDoS allowed

/ No sabotage of other players permitted

/ Do not attack the infrastructure. If you find a problem, please report to us.

/ Don’t ask for hints in private. We will only give hints that are available to all the teams.

/ For the final flags you are required to create a write-up.

/  Only the best can win


2021-11-22 09:00:00 UTC — 2021-11-26 12:00:00 UTC


The winners will be selected by raffle out of all players that solved all challenges or the best-ranked player at the end of the competition. 

The best write-up will also be awarded with a cash of 512 EUR

Grand Prize: PEN-200 course + 30 days lab access + OSCP exam certification.

Terms and conditions are here


Other Competitions

DefCamp Capture the Flag (D-CTF) 2022

DefCamp Capture The Flag ( D-CTF) is the most shattering and rebellious security CTF competition in the ..


Overview Back to Contests SpidersNet This a Capture the Flag event. Goal Goal of the Competition / Capture all..

Hack the Secure Open Vote Election Reporting ..

Overview Back to Contests Hack the Secure Open Vote Election Reporting System At DEF CON 26 BiaSciLab hacked ..

Sponsors & Partners

They help us make this conference possible.


At Orange Business Services, we help our customers transform their industries, reimagine their services, create a positive impact and unleash the power of their data into an amazing and trusted resource.

With the dual expertise as a global operator coupled with the agility of an end-to-end integrator, Orange Business Services is a global network-native, digital services company. From connectivity, smart mobility services and the cloud to artificial intelligence (AI), analytics and cybersecurity, Orange Business Services helps businesses at every stage of their data management. Orange Business Services is represented in Romania by the business division of Orange Romania and helps large companies, SMEs and public authorities to transform their organizations through the use of technology and digital information.

Platinum Partners

Gold Partners

pentest tools defcamp

defcamp 2022 booking holdings

Silver Partners

siemens defcamp 2022

huawei defcamp 2022

Bronze Partner

zitec defcamp