An ETeC 2022 Learning CTF


This year's CTF has a focus on learning. You will see scenarios which are "Guided". These will be guided walk throughs of EI to examine different behaviors (benign or otherwise).
There is also one Breach Scenario where the hints will contain guided steps to complete a challenge. However, using these hints will cost you points, thus lowering your overall score.
The more hints you use, the lower your odds at having the highest score and winning this years ETeCTF. But you can easily use this CTF to see how ESET Inspect can be leveraged to see more about what is happening on monitored systems.

  • Ensure you set your timezone to "Pacific Time (US & Canada) UTC-8". This is because some of the challenges will be looking for timestamps which are expected to be this specific timezone.

Click here to register


Already registered? Click here to login



Rules of the CTF

Breaking the rules can result in penalty points or becoming banned.

1. Use a non-production test environment to complete challenges. Later levels of the CTF can cause endpoint detections, this is why you should use only a test environment. All detections are benign.

2. Only one user account is allowed per person. If you forget your username and/or password, contact whoever is hosting the CTF and let them know the email address you used to register with.

3. Attempting to hack into any part of the CTF or Protect or Inspect servers, is not allowed and will result into an instant ban.

4. Rules can be added at any point of the CTF.


Pro-Tips for the CTF


1. Do not use a production computer. While all challenges in the CTF are benign, there are some that will trigger ESET detections. To avoide confusion, do not use a production environment while participating in the CTF.

2. If you get stuck, you can use existing hints in the challenges. These will cost points to use, so use them wisely.

3. If you find you have used up hints on a challenge, and are still in need of assistance, first ask coworkers for help. Then ask your CTF Host. Asking your CTF Host for help will be treated as using a hint and points may be deducted from your overall score.

4. If you believe you have found a flag, but a challenge is not accepting it, please email your CTF Host with the (1)"Name of the challenge", (2)"The Flag you are supplying", and (3)"Justification or reasoning for why you believe it to be correct".

5. There are both standard flags "FLAG{SomeRandom_Text}" and non-standard flags "can be any string of text like a URL or file hash or other", but all flags are some form of text string.

6. All Inspect user accounts have "Read Only" rights. This means you will not be able to mark alarms as resolved or to create rules.