Who can participate

The CTF is open to everyone. If you are interested in cybersecurity, this is the challenge for you. Every team, and each of its members, must be registered to participate in the event. You may register from October 16th to October 27th. Please check out the prize conditions section if you or any member of your team are interested in winning any prizes.

Team Composition

You can participate in teams of 3 people. There will be, at most, 15 teams.

When to participate

The CTF event will be held on October 28th at 10:00h. It is scheduled to end at 18:00h in the same day.

Where to participate

This CTF is an in-person event. If you want to participate, you must be present during the competition at the designated location.

The competition will be located at the Faculty of Engineering of the University of Porto, in room B215.


The three teams with the highest score, at the end of the CTF, will receive the following prizes:

  • 1st place: 100€ FNAC offer card (per team member)
  • 2nd place: 75€ FNAC offer card (per team member)
  • 3rd place: 50€ FNAC offer card (per team member)
Please check out the prize conditions section if you or any member of your team are interested in winning any prizes.

Flag Format

In all of the challenges, the flag you submit should be in the format SINFCTF2023{some_lowercase_ascii_text_here}.

Prize conditions

Prizes will be awarded to the three teams with the highest score at the end of the CTF. In the case that two or more teams finish the competition with the same score, the time at which the last flag was submitted will be used to determine the winner.
Prizes will only be awarded to teams, whose members are currently enrolled in a higher-education institution in Portugal.
If you are awarded any prize, you must prove your student status with proper documentation (proof of tuition payment, enrolment certificate, or other). Failure to do so means you will not receive the prize.
The prizes will be handed over at the closing ceremony of SINF 2023, held on October 31st at 17:30.

Code of Conduct

Attacks against the infrastructure of the CTF (website and challenges) will not be tolerated. These attacks include denial-of-service (DOS), floods, DNS poisoning, ARP spoofing, MITM, and others. Participants who do not respect this rule will be disqualified.
Interfering with other teams' problem-solving ability, including spying, eavesdropping, distracting, etc., will result in team disqualification. Sharing flags, exploits, and tips during the CTF is strictly forbidden.
Be respectful to all the competitors. Inadequate comments will not be tolerated.
Wrongfull or ill-intended behaviour will result in deduction of points on your SINF website profile and might result in disqualification.


Not being possible to list all the rules and exceptions to them, every participant should use common sense in the analysis of the situations provided above. In the case of any doubt, you should contact the organization for further clarification.


Register now!