🕵️♂️ Breach Village
Welcome to Breach Village — where capture the flag meets real-world impact.
The internet is filled with hidden vulnerabilities — not just in systems, but in the way sensitive information is handled, published, and overlooked. Privacy issues are not confined to made-up hacker stories or simulated environments. They exist right now on the real internet, and many people don’t even know how to spot them, let alone report them responsibly.
This CTF is built differently. Instead of chasing fantasy exploits or solving puzzles from a movie plot, Breach Village is about practical skills and real-world awareness — the kind that can help protect people and make a difference.
🔐 Two Tracks. One Goal.
1️⃣ Hack the Case
Physical or Cyber. Solo or Team.
In this track, you'll face a custom-built physical case with multiple layers of security. You can breach it physically, through traditional lockpicking or tampering, or digitally, by exploiting connected systems. Choose your method — or combine them both.
- Start simple or go advanced.
- Once breached, you can request new lock configurations to increase the difficulty.
- Compete solo or bring your squad.
Test your tactical skills against a real, tangible target.
2️⃣ Privacy Breaches
Learn to Find and Report Real Digital Leaks.
This track is based on a fictionalized scenario involving websites in Puerto Rico. This is not a government-sponsored event, and the scenario is meant purely for educational purposes.
That said, the techniques you'll learn are very real. You'll discover how:
- Sensitive information can accidentally appear on public websites.
- Google Dorking and other OSINT methods can reveal privacy breaches.
- To responsibly report breaches to the proper agencies that manage state or government websites.
The goal here is not exploitation — it’s accountability. We want participants to walk away with the ability to identify and notify the right people when sensitive data is exposed online.
💬 Remember
With great access comes great responsibility. We encourage ethical exploration, responsible disclosure, and never storing or using exposed personal data. Your skills can help make the web a safer place — start here.