Hide table of contents

What is AutoHack?

AutoHack is a new platform that offers offensive security challenges modeled after real-world cybersecurity kill chains. Each challenge progresses through a sequence of stages, such as: Reconnaissance, Remote Code Execution, Privilege Escalation, Persistence, and Acting on Objectives.

What sets AutoHack apart from other platforms for assessing and practicing offensive security skills is its procedural nature. Each challenge consists of a sequence of stages, and each stage is sampled from a broad pool of dozens of options covering diverse vulnerabilities, misconfigurations, and behaviors. This approach ensures that every end-to-end challenge requires a unique mix of tactics, offering a rich assessment of pentesting skills for both humans and AI agents.

Why run a private tournament? Who is this for?

As AI systems advance, their cybersecurity capabilities are constantly growing, increasing their potential for causing harm. We're developing AutoHack to empirically study their capability surface in a realistic, diverse environment. To ensure reliability, we're calling on human cybersecurity experts like you to help stress-test this environment. Apply to compete against others for the highest score on a unique set of challenges. By participating, you'll:

  • Contribute to efforts aimed at mitigating catastrophic AI risks.
  • Have a chance to win a share of the $10K prize pool, split across top players.
  • Sharpen your skills against varied targets.

How will the tournament work?

During October and November 2024, we'll process applications for joining the private event. We'll then invite players to a dedicated group chat where they'll receive instructions for accessing the Winter 2024 tournament. The setup process for accessing the challenges is straightforward:

  1. Install a thin open source CLI client, called ctf, to connect to the tournament.
  2. Use the CLI tool for logging in, listing your unique collection of challenges, spawning shells on remote environments, and requesting hints if needed. You'll also be able to use it to check your standing on the leaderboard.

Scoring is based on speed and limited hint usage, with the highest scorers winning. We'll share more details as the tournament approaches.

How can I take part in the tournament?

  1. Complete the application form.
  2. Join a video call where we'll also demo an earlier version of the platform.
  3. If there's a fit, you'll be invited to join a private group chat with other players, where you'll receive further information about the tournament.
  4. Solve your unique collection of challenges during the tournament period.

That's it. We encourage you to share this opportunity with fellow cybersecurity experts who are up for a challenge!

17

0
0

Reactions

0
0
Comments
No comments on this post yet.
Be the first to respond.
Curated and popular this week
Relevant opportunities