The NSA Codebreaker Challenge provides participants with a hands-on opportunity to develop their reverse-engineering / low-level code analysis skills while working on a realistic problem set centered around the NSA's mission.
While the challenge is primarily intended for students, it can also be a fun way for professionals to sharpen their skills. We're excited to offer this opportunity to government and military individuals as part of Armed Forces and Police Week 2021!
For Armed Forces and Police Week 2021, anyone with a .gov or .mil email address may participate. Each team's captain should register an account on behalf of their team.
Note: in order to be eligible to win the competition, your team must also register via the Event Registration System (ERS).
For Armed Forces and Police Week 2021, participation is only open to individuals with a .gov or .mil email account. Keep an eye out for the 2021 Codebreaker Challenge, which will launch later this summer!
Reverse engineering is a crucial skill for those involved in the fight against malware, advanced persistent threats, and similar malicious cyber activities. As the organization tasked with protecting U.S. government national security information systems, NSA is looking to develop these skills in university students and prospective future employees. NSA isn’t the only organization interested in these skills - many Fortune 500 companies are also looking for individuals with reverse engineering abilities, as they work to protect their corporate computer systems and networks. In addition, the same techniques used to reverse engineer an unknown binary can often be applied to diagnose and fix bugs in your own applications, especially if they are low-level / hard to find. It is important to note that reverse engineering might violate the End User License Agreement of some software packages and/or be considered illegal in certain cases. Always check with the appropriate copyright holder / legal counsel if unsure.
We wrote the code for these challenge binaries (with the exception of several other libraries that are statically linked) and our testing hasn’t indicated any negative side effects, but ultimately you must use these at your own risk. As a general rule, we encourage you to take precautions before running any questionable executables on your machine. For instance - running these in a virtual machine environment is a good first step to take. Directions on setting up a virtual machine for testing can be found in the 'Technical Resources' section of this page.
We have heard that the 2014 challenge binary may get flagged as being malicious by some anti-virus software. Again, that one should be safe as well, but taking precautions just in case is advised.
Each team captain receives a slightly different set of challenge binaries and associated files, making it unlikely for one team's solution to work for another team.
You can use the "Get Help" tab at the bottom of the page for help or any type of feedback. If that isn't working (or not available because you cannot login) then email us at: firstname.lastname@example.org