Awards
Vulnerability Disclosure Champion
Thank you for reporting vulnerabilities! CTF <3
25
Solves
| Challenge | Category | Value | Time |
| Where is the smoke coming from? | ICS Center: Hospital Smoke Signals | 10 | |
| DND: Do Not Defib! | Awareness Center : Vulnerability Management | 10 | |
| Executive Order | Awareness Center: It Is an Order, Executive One! | 5 | |
| You are Fired! | Awareness Center: Malicious PPE Insider | 10 | |
| RTPCR Host Manufacturer's Coordinated Vulnerability Disclosure | COVID-19 Test Lab | 10 | |
| RTPCR Host Manufacturer | COVID-19 Test Lab | 10 | |
| RTPCR Host OS | COVID-19 Test Lab | 10 | |
| What Brand Was It? | COVID-19 Test Lab | 15 | |
| FDA Myths 'n' Facts | Awareness Center : Vulnerability Management | 20 | |
| Are our PGHD protected? | Privacy Center: Hello Halo, Apple Watch and Fitbit! | 10 | |
| Who Fights in our Corner? | Privacy Center: Hello Halo, Apple Watch and Fitbit! | 10 | |
| Fundamental Rights! | What applies? | 10 | |
| Oui Oui! | What applies? | 10 | |
| Happy Birthday! | What applies? | 5 | |
| A Long Way from Home | What applies? | 10 | |
| New code | Certification Center: HCISPP Day3 | 12 | |
| Encryption | Certification Center: HCISPP Day3 | 12 | |
| Patient changes | Certification Center: HCISPP Day3 | 11 | |
| Performance implementation | Certification Center: HCISPP Day3 | 11 | |
| SLA | Certification Center: HCISPP Day3 | 11 | |
| Patient appointment list | Certification Center: HCISPP Day3 | 11 | |
| Notice of privacy | Certification Center: HCISPP Day3 | 11 | |
| HSM | Certification Center: HCISPP Day3 | 11 | |
| Government board | Certification Center: HCISPP Day3 | 11 | |
| H-ISAC | Certification Center: HCISPP Day3 | 11 | |
| Third party responsibilities | Certification Center: HCISPP Day3 | 10 | |
| Private insurance | Certification Center: HCISPP Day3 | 10 | |
| Malware delivery | Certification Center: HCISPP Day3 | 9 | |
| Helthcare system | Certification Center: HCISPP Day3 | 10 | |
| Segregation of duties | Certification Center: HCISPP Day3 | 12 | |
| Cloud type | Certification Center: HCISPP Day3 | 10 | |
| Action plan | Certification Center: HCISPP Day3 | 10 | |
| Information risk assessment | Certification Center: HCISPP Day3 | 9 | |
| Data breach recovery | Certification Center: HCISPP Day3 | 9 | |
| Child abuse | Certification Center: HCISPP Day3 | 9 | |
| Adversarial threat | Certification Center: HCISPP Day3 | 10 | |
| Up in Arms | IT Office : Arm Twisters | 100 | |
| St. Elvis and St. Elvis Digital Twin Out of the Woods | St. Elvis Digital Twin | 200 | |
| Wait a minute, can we really decrypt this thing? | Ransomware | 400 | |
| Shame! Shame! Shame! | Breaches | 5 | |
| We're All Individuals! | Breaches | 5 | |
| CVE | Awareness Center : Vulnerability Management | 5 | |
| FDA Safety Communication | Awareness Center : Vulnerability Management | 20 | |
| Cyberattack | Certification Center: HCISPP Day2 | 10 | |
| First healthcare regulation | Certification Center: HCISPP Day2 | 10 | |
| HSM | Certification Center: HCISPP Day2 | 10 | |
| Third-party agency | Certification Center: HCISPP Day2 | 10 | |
| US agency | Certification Center: HCISPP Day2 | 10 | |
| Confidentiality | Certification Center: HCISPP Day2 | 10 | |
| Third-party risk assessment | Certification Center: HCISPP Day2 | 9 | |
| Security controls | Certification Center: HCISPP Day2 | 9 | |
| Common-access card | Certification Center: HCISPP Day2 | 9 | |
| Data breach notification | Certification Center: HCISPP Day2 | 11 | |
| Disaster recovery | Certification Center: HCISPP Day2 | 11 | |
| DSP toolkit | Certification Center: HCISPP Day2 | 11 | |
| Framing | Certification Center: HCISPP Day2 | 11 | |
| GAPP | Certification Center: HCISPP Day2 | 11 | |
| Healthcare dataset | Certification Center: HCISPP Day2 | 11 | |
| Information policy | Certification Center: HCISPP Day2 | 11 | |
| Intended purposes | Certification Center: HCISPP Day2 | 11 | |
| Internal threat | Certification Center: HCISPP Day2 | 11 | |
| Medical devices integration | Certification Center: HCISPP Day2 | 11 | |
| Safe Harbor and HIPAA | Certification Center: HCISPP Day2 | 11 | |
| Medical Record numbers | Certification Center: HCISPP Day2 | 12 | |
| NIST guidance | Certification Center: HCISPP Day2 | 12 | |
| The physician's office | Certification Center: HCISPP Day2 | 12 | |
| DICOM Prefix | Radiology: Polyglot PE / DICOM Files | 21 | |
| Single-sign-on authentication | Certification Center: HCISPP Day2 | 9 | |
| Digital Twin is Back Up and Running Again! | St. Elvis Digital Twin | 200 | |
| Becoming a true reverse engineer | Ransomware | 200 | |
| For your convenience | Ransomware | 50 | |
| Stage 5 | Ransomware | 50 | |
| Stage 4 | Ransomware | 70 | |
| Into the Breach | Ransomware | 50 | |
| Need better isolation | Ransomware | 30 | |
| The responsible | Certification Center: HCISPP Day1 | 12 | |
| A Tulip by any other Name | Awareness Center : Vulnerability Research | 5 | |
| Observe and Report | Awareness Center : Vulnerability Research | 5 | |
| CIA | Awareness Center: Risk "Management" | 3 | |
| Overexposed | Awareness Center: Risk "Management" | 3 | |
| IoB | Awareness Center : Risk "Management" | 10 | |
| Series of Tubes | Awareness Center : Vulnerability Research | 5 | |
| ISO Need To Tell You About Your Ugly Baby | Awareness Center : Vulnerability Research | 5 | |
| RSS-MD - Functional Impact | Awareness Center: Risk "Management" | 5 | |
| Dual Hats | Awareness Center : Security Research | 5 | |
| Dynamic Duo | Awareness Center : Security Research | 6 | |
| Dangerous Precedents | Awareness Center : Security Research | 10 | |
| Defensive Examination | Awareness Center : Security Research | 10 | |
| Power Trace Side Channel Attack | Embedded Device | 200 | |
| Protection | Certification Center: HCISPP Day1 | 8 | |
| EHR | Certification Center: HCISPP Day1 | 9 | |
| MDM | Awareness Center: Acronyms! Acronyms! Acronyms! | 3 | |
| BSIMM | Awareness Center : Acronyms! Acronyms! Acronyms! | 5 | |
| Veni, vidi, vici | The Device Lab | 500 | |
| ISO/IEC | Awareness Center: Acronyms! Acronyms! Acronyms! | 3 | |
| MDS2 | Awareness Center: Healthcare! Acronyms! | 5 | |
| What is WHO? | Awareness Center : Healthcare! Acronyms! | 5 | |
| EHR | Awareness Center : Healthcare! Acronyms! | 5 | |
| DFIR | Awareness Center : Security 101 | 5 | |
| Ciphers Galore | Technical Training Center: T-ATP | 20 | |
| Compromised PACS / DICOM Server - Question 1 | Radiology: DICOM | 30 | |
| Target on your back | Ransomware | 20 | |
| Ransom note part II | Ransomware | 20 | |
| Ransom note | Ransomware | 15 | |
| WANTED | Biohacking Village Wants YOU! | 0 | |
| The future is here! | St. Elvis Digital Twin | 200 | |
| Primanoculation | Host Access | 40 | |
| WireGuard Filetype | Host Access | 10 | |
| WireGuard Endpoint | Host Access | 10 | |
| Verify me | Orientation | 5 | |
| Discord Communications | Orientation | 20 | |
| Simple Service Access - port 80 | Orientation | 20 | |
| Simple Service Access - port 40 | Orientation | 20 | |
| CTFd - Profile | Orientation | 5 | |
| CTFd - Scoreboard | Orientation | 5 | |
| CTFd - Teams | Orientation | 5 |