The NSA Codebreaker Challenge provides students with a hands-on opportunity to develop their reverse-engineering / low-level code analysis skills while working on a realistic problem set centered around the NSA's mission.

The fictional backstory for the challenge is as follows: The Department of Homeland Security (DHS) has requested NSA’s assistance in investigating unusual network activity within a large SCADA system. The system controls critical infrastructure for multiple cities, so it’s imperative that an assessment is carried out immediately. If any intrusions are found, then we need to identify how the systems were compromised and neutralize the threat. DHS is concerned that someone might be attempting to take control of the distributed sensor nodes and form a large botnet. If this happens, they could use it to wreak havoc across the cities and potentially launch DDoS attacks against other critical networks. We need your help to stop this from happening!

For this challenge you will be given a series of six tasks, each increasing in difficulty, with the ultimate goal of completely neutralizing the botnet. These tasks are summarized as follows:

• Setup a test instance of the system (Task 0)
• Analyze suspicious network traffic (Task 1)
• Develop a network signature for an intrusion detection system (Task 2)
• Analyze critical system components for vulnerabilities (Tasks 3 and 4)
• Perform forensic analysis of a compromised endpoint (Task 5)
• Craft an exploit for the botnet server and devise a strategy to clean the infected endpoints (Task 6)

While the challenge is intended for students, professors are encouraged to participate as well. Furthermore, the site was designed to make it easy for those professor interested in incorporating the challenge into their courses to do so (see the additional FAQ entries below.)

Reverse engineering is a crucial skill for those involved in the fight against malware, advanced persistent threats, and similar malicious cyber activities, and as the organization tasked with protecting U.S. government national security information systems, NSA is looking to develop these skills in university students (and prospective future employees!). NSA isn’t the only organization interested in these skills - many Fortune 500 companies are also looking for individuals with reverse engineering abilities, as they work to protect their corporate and organizational computer systems and networks. In addition, the same techniques used to reverse engineer an unknown binary can often be applied to diagnose and fix bugs in your own applications, especially if they are low-level ones like those introduced by a compiler. It is important to note that reverse engineering does, in many cases, violate the End User License Agreement of provided software, which may make the activity illegal. However, when used appropriately, reverse engineering techniques can be a powerful tool to leverage.

The first 50 individuals to complete all six tasks will be awarded a small token to recognize them for this great achievement. Also, some universities and departments may offer their own prizes for students within the department that complete the challenge, and some courses may offer extra credit for task completion. Definitely check with your faculty to see if possibilities like these exist!

NOTE: We are currently unable to mail these tokens of recognitions to students located outside of the U.S.

We wrote the code for these challenge binaries (with the exception of several other libraries that are statically linked in,) and our testing hasn’t indicated any negative side effects, but ultimately you must use these at your own risk. As a rule-of-thumb, we encourage you to take precautions before running any questionable executables on your machine. For instance - running these in a virtual machine environment is a good first step to take. Directions on setting up a virtual machine for testing can be found in the 'Technical Resources' section of this page.

We have heard that the 2014 challenge binary may get flagged as being malicious by some anti-virus software. Again, that one should be safe as well, but taking precautions just in case is advised.

Email us at:

Sign in to see the support email address

After completing the first challenge, each student is provided a unique link to a page which verifies their progress on the six tasks in the challenge. The student can send this link to the professor, post it on a class message board, etc., so that progress can be verified.

Each student receives a slightly different set of challenge binaries and associated message files, making it so that one student's solution won't work for someone else. The binaries are similar enough to where students can work together, though, and develop the solutions to their respective binaries together.