present day… present time.

Espilon CTF

IoT · OT · Hardware · ESP

Join Espilon CTF View challenges
Join the Discord server
6
Categories
25+
Challenges
Solo
Qualifications
2
Qualification weeks

> presentation()

Espilon CTF is a 100% cybersecurity competition focused on Hardware, IoT and OT.

Forget classic CTFs. Here, we flash firmwares, sniff buses, compromise industrial protocols and reverse embedded systems. If you have ever plugged in a JTAG or captured a radio signal, you are in the right place.

Hardware & IoT

Firmware, UART, SPI, I2C, JTAG, radio, BLE...

OT Protocols

Modbus, MQTT, CoAP, realistic SCADA scenarios

ESP32 required

Some challenges require your own ESP32

Realistic scenarios

Reproduced from real audits and pentests

Intermediate to advanced difficulty — no guessing, only technical
2 weeks of online qualifications
Solo qualifications — every player for themselves
On-site finals if enough participants

> format_competition()

Phase 1

Online Qualifications

Two weeks to solve firmware challenges, hardware interfaces, IoT networks and industrial protocols. Solo format: each player tackles the challenges individually.

Jeopardy 25+ challenges 6 categories 2 weeks Solo
Phase 2

On-site Finals

The best teams compete on-site on a unique real-world inspired scenario: analysis, compromise, pivot and system understanding. One single final flag.

The finals will be organized if the number of participants is sufficient. The more of you there are, the bigger we go.

> required_hardware()

ESP32 mandatory for the ESP category

You must own your own ESP32 to participate in challenges from this category. Without hardware, these challenges will be inaccessible.

What you will do with the ESP32

Custom firmware flashing
UART / SPI / I2C communication
GPIO signal analysis
Wi-Fi & BLE attacks
Hybrid ESP + Cloud scenarios
Reverse engineering embedded configurations
A basic ESP32 (DevKit v1) is enough. Available for ~5€ online. Other categories do not require any specific hardware.

> challenge_categories()

IoT

Wireless protocols, BLE, MQTT, connected objects and embedded attack surfaces

OT

SCADA, Modbus, PLCs, supervision and real-time protocols

Hardware

UART, SPI, I2C, JTAG, PCB analysis, flash dump and physical buses

ESP ESP32 required

Flash firmware, GPIO, Wi-Fi, BLE — requires your own ESP32

Misc

Web, crypto, forensics, reverse, OSINT... everything else is here

> who_is_it_for()

Whether you are a curious beginner or an embedded security expert, Espilon CTF offers challenges for all levels — with a real hardware focus.

Cyber students

Learning security? Perfect to discover hardware hacking and IoT in a CTF context.

Pentesters & Red Team

Scenarios from real audits: firmware, SCADA, industrial protocols. Real-world stuff.

Makers & Hackers

Already own a soldering iron and a logic analyzer? These challenges are made for you.

Mixed teams

Mix skills: web, reverse, hardware, crypto. The multi-skill approach is key.

> sponsors()

Interested in sponsoring Espilon CTF?

eun0us@proton.me

no matter where you go… everyone is connected.