Cyber Security Awareness Week 2009

Undergraduate Application Security Challenge

About the Competition

CSAW Application Security Challenge is a cyber attack competition loosely based around the Defcon Pre-quals. Participants are given a series of challenges divided into different categories, each worth a specified number of points. This year, the competition will focus heavily on web application security, however, other topics will not be left out. Make sure you are a jack of all trades or put together a team with a diverse skill set.


Registration Opens : August 15th 00:00 Hrs
Registration Closes : September 20th 23:59 Hrs
Start of competition: September 26th 00:00 Hrs  (challenges, instructions, and rules are put up)
End of competition:  September 27th 23:59 Hrs  (last chance to submit answers)

Judging Criteria

Judges for this event will pick a winning team based on the amount of challenges solved and points earned. Some challenges will be open-ended and allow for variable scoring, to be determined by the judges. Bonus points are possible for discovering things that are not directly a part of the question.

CSAW 2009 Judges will be announced shortly

Travel Grants

Each finalist will receive a travel grant to offset the cost of attending the awards ceremony, where the first-, second-, and third-place place winners will be announced, along with a bonus prize winner. Finalists must be present at the awards ceremony to redeem their prizes.

Contest Type

Include the team name and the names of all your team members during registration. This contest can be done remotely, however, finalists are required to attend the awards ceremony at NYU-Poly on November 12th, where the prize winners will be announced. Students who need to travel more than 100 miles will be given a lump-sum scholarship to offset their travel costs.



If you have any questions about the contest, feel free to e-mail

CSAW 2008 CTF Winners

Place University/School Team Name Team Points
1st place Multiple Team Tefaye 16375
2nd place Rensselaer Polytechnic Institute RPISEC 13575
3rd place University of Idaho Pwntatoes 11475
4th place Ruhr University Bochum FluxFingers 10075
5th place Naval Postgraduate School MyLittlePwnies 9175
6th place RWTH-Aachen teamSparta 7925
7th place Bagsværd Kostskole & Gymnasium The Down Ownerz 7825
8th place DePaul University SecurityDaemons 5025
9th place University of South Florida 0x28Thieves 4200
10th place UCLA WiseguyS 4125

Additionally, a bonus prize is awarded to The Down 0wnerz for being our youngest participants.

CSAW 2008 CTF was Judged by:

CSAW 2007 CTF Winners

1st MyLittlePwnies Naval Postgraduate School
2nd Pwntatoes University of Idaho
3rd CLASY SUNY Stony Brook
4th / Best Undergrads RPISec Rensselaer Polytechnic Institute
5th / Best Individual Caleb SUNY Binghamton