Rules and Details

Bogus “CyBRICS” events precaution

6 December 2022

⚠️ Please Note: competition runners of CyBRICS Capture The Flag 2019, 2020 and 2021 (SPbCTF community) have not announced any plans on holding CyBRICS in 2023.

If anyone invites you to support, endorse or take part in an event claiming to be “CyBRICS”, we advise against looking at previous years’ CyBRICS CTFs to gauge the new event’s level, and suggest treating it as a separate event with no prior history—previous showrunners and challenge developers are not associated with running that one.

More info on SPbCTF and ITMO University in 2022 →

What is it

CyBRICS is a computer security competition (CTF) organized in a cross-university effort by BRICS countries academia.

In 2021 the event is organized by ITMO University and run by SPbCTF crew: members of CTF teams More Smoked Leet Chicken, SiBears, PeterPEN, and independent experts.

What's a CTF

CTFs are competitive hacking events: like ACM ICPC, but in computer security. Teams get a number of tasks or challenges about cryptography, binary reverse engineering, web vulnerabilities, network security, digital forensics, etc — all the topics that computer security engineers work with.

Each challenge has a goal, e.g. find a vulnerability and extract the administrator's password from website database. Upon solving the challenge, team gets a flag — some secret string like cybrics{Th1S_i5_T3h_R34l_m1C_ch3CK_f1A6}. Team submits it in exchange for points. The team with most points, wins.

To be successful in a CTF, you basically need to know computer systems good and deep.

More info about CTFs on CTFtime website.

CyBRICS 2021

Sat, July 24th, 2021 10:00 UTC — Sun, July 25th, 2021 10:00 UTC (24 hours)

The competition is open to any teams, with any number of people.

Jeopardy Format

There will be 28 challenges assorted into seven categories:

  • Web — web technologies and vulnerabilities,
  • Forensics — analyzing data formats, logs and digital evidence,
  • Reversing — understanding the algorithm of an executable,
  • Network — messing with packets and examining packet dumps,
  • CTB — Crack-The-Box, getting code execution on a remote box,
  • Cyber and rebyC — miscellaneous challenges, everything else: cryptography, fun quirks, coding, etc.

Each category will have four difficulty levels: Baby, Easy, Medium and Hard.

Dynamic scoring will be used: the more teams solve a challenge, the less it will cost in the end.


1st place: 5 000 USD

2nd place: 3 000 USD

3rd place: 2 000 USD

In addition to cash prizes,

  • XCTF League gives the CyBRICS 2021 winner a spot in on-site XCTF Finals in China. It's a yearly event that clashes winners of multiple CTFs in an Attack-Defense competition for some good prizes. Place and date will be notified later.

Competition Rules

Don't Ruin the Fun for Players

CTFs allow using any means or tools to solve challenges and outperform other teams.

At the same time, some actions can break the fun for other people. For example:

  • Don't delete flags or break services. While organizers try to maintain challenge resilience, mistakes will be made. Instead of abusing them, report them to the orgas for kudos.
  • Don't share flags or ask for flags. It's a competition, do your personal best.

Don't Ruin the Fun for Orgas

For example:

  • Don't generate excessive load. Bruteforcing or DirBusting will not be necessary, let's keep it down.
  • Don't troll, spam, flood in the chats.
  • Don't register multiple accounts.

Organizers will guard the fun by punishing the fun-ruiners.

Do Your Best and Have Fun

Good luck!


Should any questions arise, please contact us at

Telegram: @cybrics
WeChat: spbctf