TCS HackQuest 2024 I Season 8

About TCS HackQuest:

 TCS HackQuest season 8 organized by TCS Cyber Security Unit as a serious attempt to unearth specific talent who excelled in their favorite game - Catch the Flag! Based on the popular “Catch the Flag” (CTF) format, the competition presents a series of challenges to be completed in 6 hours. Three categories will be used to display the set of challenges: 1. Beginner, 2. Intermediate, and 3. Expert. Each challenge assesses participant skills in ethical hacking and their particular skill in finding vulnerabilities. The participants are allowed to select challenges from many categories, and they are urged to try every challenge in every category to show that they can manage a variety of situations. TCS Cyber ​​Security Practice is seeking students and enthusiasts who are passionate about ethical hacking and, in general, securing the digital future of organizations engaged in the transaction of millions of data points around the world. Associates get unique awards and maybe job offers from TCS in the cybersecurity division at the conclusion of the event.

Join Our WhatsApp Group for Contest & Training Updates:

Contest Structure:

• The contest will be conducted in two rounds. The first round (“Round 1”) is an online ‘Catch the Flag’ competition where all participants can take part and they will be shortlisted for next rounds basis qualification.

• Participants shortlisted after ‘Round 1’ will move to the second round (“Round 2”), which will be conducted over (Microsoft TEAMS/Webex) and participants will have to keep their camera switched 'ON' during the entire period of the 'Round 2'

• Final round will be conducted in person. It will be a Jury evaluation round at TCS premises. The details of which will be intimated to the qualified participants.

• TCS will arrange for remote modalities of evaluating a select list of participants from Round 1. Shortlisted participants are required to stay tuned for real-time updates on Round 2, dates, format etc. Participants shall be solely responsible for keeping track of the announcements and participating accordingly.

Round 1

This will be an online challenge-based test where the participants would be required to log on to an online application with a set of challenge statements. These tests will require the participants to demonstrate their ethical hacking skills and their specific competency in security challenges. The set of challenge statements will be presented in three (3) categories:

Beginner level challenges: This category of challenges has been meticulously crafted for those with limited to no prior experience. These challenges will be based on the fundamentals of cybersecurity, know-how of fundamental tools and techniques. Challenges focus on basic concepts like (not necessarily limited to) password cracking, simple encryption, and basic network vulnerabilities.

Intermediate level challenges: This set of challenges has been designed to test your problem-solving abilities and creative thinking. As you tackle these challenges, you will have to demonstrate your knowledge of advanced cybersecurity tools and methodologies. The challenges include more advanced topics (not necessarily limited to) such as web application security, SQL injection, and network analysis. Will require a deeper understanding of common vulnerabilities and exploitation techniques.

Expert level challenges: This set of challenges has been categorically created to push you to the limits of knowledge and ingenuity. These challenges will demand resourcefulness, deep understanding of cybersecurity principles, and the ability to think out of the box. The challenges are complex and may involve topics (not necessarily limited to) like reverse engineering, advanced cryptography, and sophisticated penetration testing. Attempting these would require a comprehensive understanding of multiple cybersecurity domains.

• N.B. - The participants are free to choose challenges from distinct categories and are encouraged to attempt all challenges across all categories and demonstrate their ability to handle different scenarios. The URL of the application will be shared before the contest begins.

• Round 1 will be for six (6) hour duration during which all the participants are required to use their skills and solve the challenge statement(s) (according to the category chosen) and submit the flags captured in the online portal.

• Post solving a challenge statement, the participant needs to capture a screenshot of the flag with the timestamp visible and prepare a detailed report in the template provided on the site with a step-by-step approach for solving a particular challenge statement.

• The detailed report should be uploaded on the site before the deadline as mentioned on the site. Uploading the report on the site is mandatory and any participant failing to upload the report will NOT be considered for further evaluation. This will result in the automatic disqualification of the participant from the rest of the contest. Please also make sure that your report is original and does not match with any other participant’s report(s) in which case both the participants would be rendered ineligible for further rounds in the contest. The participant should maintain the maximum size requirement for a report provided on the site.

• Participants are free to use tools of their choice. However, usage of tools that send a huge amount of traffic or tools that tamper with the site and/or any of its application(s)/functionalities is strictly prohibited. If any participant is found violating this, he/she will be disqualified immediately from the contest. Participants are advised to take note of the recommended tools provided by TCS on the Site.

The submissions will be evaluated based on the following criteria:

1. Flags captured

2. Quality of report submitted

3. Approach followed for capturing the flags

Round 2

Participants selected from ‘Round 1’ will be eligible to participate in ‘Round 2.’ Round 2 will be conducted in a remote environment and will be proctored by the TCS team.

Activity 1: Penetration testing on hosted challenges

The participant would be provided with the hosted challenge statements which he/she is expected to solve by using his/her intuitive skills. Challenge statements in this round might require expertise in the following areas as well:

1. System exploitation

2. Penetration testing of web applications

3. Mobile Security

4. Digital forensics

5. Threat hunting

6. Incident response

7. Source code analysis

8. Scoring will be based on the flags captured by the participants in above mentioned topics

Activity 2: Case Explanation (3-4 hours) – Remotely

Shortlisted participants will be invited for a case explanation round. In this round, participants will be required to explain their approach to solving challenge statement(s) and answer the queries posed by the jury panel.

Evaluation Criteria:

Participant’s submission ideas would be evaluated on below parameters:

• Adjacency to Tata Steel Businesses

• Feasibility

• Scalability

• Uniqueness of solution/Innovation Quotient

• Impact/Gravity of the problem solved through solution

• Long-term differentiating factor/ Entry barriers

Contest Categories:

• Participants trained in the below security domains will have an added advantage while participating in the contest:

• Application Security

• Network security

• Java/J2EE, PHP, Python. GO

• Information security and risk management

• Ethical hacking

• Digital forensics

• Threat hunting 

• Malware Analysis/Reverse Engineering 

• Any security specific certification like Security+, CEH, ISO 27001, etc.

Who Can Apply:

• The Contest is open to students (enrolled in any recognized college /university / academic institute) in India who will be graduating in the academic year 2024 with any of the following degrees in any specialization:

• Bachelor of Technology (B. Tech)

• Bachelor of Engineering (B.E)

• Master of Technology (M. Tech)

• Master of Engineering (M.E.)

• Bachelor of Computer Applications (B.C.A.)

• Master of Computer Applications (M.C.A.)

• Bachelor of Science (B.Sc.- B.S.)

• Master of Science (M.Sc. - M.S.)

• TCS reserves the right to take necessary steps and seek any relevant documents to verify the eligibility of the participants mentioned above.

• The contest will be considered void if participation in the contest and/or conducting the contest is prohibited by law.

• Participants can take part in the contest only as an individual. Team/Group participation is NOT allowed.

• TCS reserves the right to assess each participant’s eligibility and compliance with the rules at any point during the validity of the contest. Participants must promptly respond with any necessary evidence to verify their eligibility and/or compliance upon TCS’ request. TCS reserves the right to refuse entry to any participant and shall not be obliged to provide any explanations thereof.

• There are no participation/registration/submission/contest related fees. However, expenses, if any, arising from an individual’s participation in the contest shall be borne by that individual. TCS will not sponsor or reimburse any such expenses.

Rewards:

1. The Participant hereby agrees and undertakes that mere announcement/declaration of being announced as a winner shall not entitle him/her to the prize/award/reward. Only upon complying with the Rules and fulfilling all conditions mentioned herein, to the satisfaction of TCS, shall the winning be validated.

2. The top 10 Participants from Round 2 will be invited to attend the award ceremony and interact with TCS leadership.

3. The top performing Participants who clear Round 2 may stand a chance to receive ‘Ninja or Digital’ provisional job offers subject to interview process and other selection criteria as per TCS’ sole discretion and policies in effect.

4. Total prizes worth up to INR 5 Lakhs are given to the top-performing participants. 

5. Certification of merit will be awarded to all top performing Participants.

6. Exceptional performers will be given a chance to work with the TCS Cybersecurity Centre of Excellence.

.............INNOVATE TO WIN..............

Category of the contest: Industry Contest

For Instant Alerts:

LinkedIn Company Page: www.linkedin.com/company/project-contest

ProjectContest YouTube: www.youtube.com/c/projectcontest

ProjectContest Instagram: www.instagram.com/projectcontest

Follow Rajasekar Madhavan: www.linkedin.com/in/rajasekarmadhavan

Disclaimer: Projectcontest.com website was started to support students, industries, and innovators to know various contest updates, we furnish the details in our website post which are taken from the contest link or details given by organizers which were given at the time of contest launch if any changes made in a contest such as a reward, date of closing, rules and regulation projectcontest.com is not responsible for the changes.