OWASP University Challenge

Revision as of 02:09, 1 July 2014 by Ivan Buetler (talk | contribs)

Jump to: navigation, search
OWASP Project Header.jpg

OWASP University Challenge

OWASP AppSec conferences invite university teams (contestants) to the so-called OWASP University Challenge! The University Challenge is a competition among teams comprised of university students that will be held during the training days of the larger OWASP AppSec conferences (AppSec US, AppSec EU, …). There is no admission fee for the University Challenge – participation in the conference is possible for free. During the University Challenge teams will solve mission style security challenges using the Hacking-Lab framework. The OWASP University Challenge could be limited to 8 teams, depending on available space and budget. Teams will consist of 4-8 students, with one team per university. All team openings are on a first come first serve basis. If multiple teams are received from the same university the second team will be put on a wait list. All team members must be registered. Registration for the University Challenge event is free. Food and beverages will be provided during the challenge and all participants will get an OWASP University Challenge t-shirt. Of course, the first three winning teams will get some small prizes (to be announced).


The OWASP University Challenge is a one or two day mission style security challenge event during the AppSec conferences training days! University / Student teams can compete solving hack challenges and defending insecure applications.

What is the OWASP University Challenge?

OWASP University Challenge provides:

The AppSec conference should take care of:

  • Venue / rooms during the conference training days
  • Feed the students
  • Local pr / announcements at local Universities


Link to presentation

Project Leader

Ivan Buetler

Mateo Martinez

Related Projects

Quick Download

News and Events

In Print


Owasp-incubator-trans-85.png Owasp-builders-small.png
Project Type Files CODE.jpg

Conference Organisation:

  • Announcement
  • Room / Space for the University Challenge
    • Internet connection
    • Video projector (scoring/ranking)
    • Power and extensions
  • Outreach to the local Universities
  • Sponsor for winner prizes
  • Winner announcement during the main track / (before) end of the conference


During the two training days

  • challenges will be organized together with Hacking-Lab
  • Hardware (challenge server) come from Hacking-Lab
  • Hardware (wilreless routers) come form the Education Committee


Travel and lodging has to be organized and covered by the student teams themselves The Conference should feed the students

Travel and lodging of the University Challenge project leader (running the challenge) must be covered by the conference

We recommend to give the University Challenge teams free entrance to the conference


We could need the conference organization team to help finding sponsors for the prices.

Previous events:

  • AppSec EU 2014 Cambridge
  • AppSec-EU 2013 Hamburg
  • AppSec-EU 2012 Athens
  • AppSec-US 2012 Austin
  • AppSec-US 2011 Minneapolis

Ticket winning" pre-conference challenges:

-> option for conference to offer free tickets via solving Hacking-Lab challenges -> qualifying for UC? -> Team qualifying

   Q1: When typically has the event run at AppSec, during the training days or during conference proper?
   A1: The UC is normally hosted during the training days
   Q2: What size of room or seating capacity has typically been used?
   A2: Depending to the PR and number of teams (teams have a max of 8 members)
   Q3: What prizes are usually awarded?
   A3: depends, if the conference manages to find sponsors there are prices. At the AppSec-Eu 2013, there where no prices, only the honor of winning
   Q4: Do the teams  have free conference access?
   A4: No, the teams have to organize travel and lodging themself. all we do is hosting the UC and feed them.
   There are no entrance / attendance fees charged previously
   The attendees usually get free access to the conference (because they travel from foreign countries too) 


XXX is developed by a worldwide team of volunteers. The primary contributors to date have been:

  • xxx
  • xxx


  • xxx
  • xxx

As of XXX, the priorities are:

  • xxx
  • xxx
  • xxx

Involvement in the development and promotion of XXX is actively encouraged! You do not have to be a security expert in order to contribute. Some of the ways you can help:

  • xxx
  • xxx

What does this OWASP project offer you?
What releases are available for this project?
what is this project?
Name: OWASP University Challenge (home page)
Purpose: As first time organized at the OWASP AppSec-US 2011 in Minneapolis, this project is to enable "attack & defend" challenges.

First, at OWASP AppSec conferences, later also to enable this outside AppSec conferences.

License: Creative Commons Attribution ShareAlike 3.0 License
who is working on this project?
Project Leader(s):
  • Ivan Buetler @
  • Mateo Martinez @
how can you learn more?
Project Pamphlet: Not Yet Created
Project Presentation:
Mailing list: Mailing List Archives
Project Roadmap: View
Key Contacts
  • Contact Ivan Buetler @ to contribute to this project
  • Contact Ivan Buetler @ to review or sponsor this project
  • Contact the GPC to report a problem or concern about this project or to update information.
current release
Not Yet Published
last reviewed release
Not Yet Reviewed

other releases