TCS HackQuest Season 8 [Prizes Worth Upto Rs. 5 Lakhs; BE/B.Tech; BSc/MSc; BCA/MCA]: Register by Jan 23

Applications are invited for the TCS HackQuest Season 8. Grab the Ninja provisional job offers and other exciting prizes. Get yourself registered before Jan 23, 2024!

About TCS HackQuest Season 8

Technology advancements and increased digital focus expose organizations to greater security challenges. Hacking is now more organized and pervasive, with cyber attackers using various techniques to gain unauthorized access, steal sensitive information, or disrupt digital operations. In the wake of a post-pandemic era, the role of a massive ethical hacking community has become imperative, requiring cyber sentinels to safeguard decentralized systems.

Contest Details

HackQuest started in 2016 to unearth talents who excel in playing their favourite game – Catch the Flag! Based on the popular ‘Catch the Flag’ (CTF) format, the contest presents challenges to be completed in 6 hours.

• The set of challenges will be presented in 3 categories- 1. Beginner, 2- Intermediate, 3-Expert.
• The participants are free to choose challenges from distinct categories and are encouraged to attempt all challenges across all categories and demonstrate their ability to handle different scenarios.
• In the end, associates are awarded special prizes and potential job offers from TCS in the cybersecurity unit.

Eligibility Criteria

The Contest is open to students (enrolled in any recognized college /university / academic institute) in India who will be graduating in the academic year 2024 with any of the following degrees in any specialization:

• Bachelor of Technology (B. Tech)
• Bachelor of Engineering (B.E)
• Master of Technology (M. Tech)
• Master of Engineering (M.E.)
• Bachelor of Computer Applications (B.C.A.)
• Master of Computer Applications (M.C.A.)
• Bachelor of Science (B.Sc. – B.S.)
• Master of Science (M.Sc. – M.S.)

TCS reserves the right to take necessary steps and seek any relevant documents to verify the eligibility of the participants mentioned above. The contest will be considered void if participation in the contest and/or conducting the contest is prohibited by law.

Participants

Participants can take part in the contest only as an individual. Team/Group participation is NOT allowed.
TCS reserves the right to assess each participant’s eligibility and compliance with the rules at any point during the validity of the contest.

• Participants must promptly respond with any necessary evidence to verify their eligibility and/or compliance upon TCS’ request.
• TCS reserves the right to refuse entry to any participant and shall not be obliged to provide any explanations thereof.
• There are no participation/registration/submission/contest-related fees. However, expenses, if any, arising from an individual’s participation in the contest shall be borne by that individual.

TCS will not sponsor or reimburse any such expenses.

Registration Process

• Once the registration window is open, the participants are required to register for the contest on this site with a valid TCS NextStep reference ID (CT/DT number).
• To create a valid TCS NextStep reference ID (CT/DT number), the participant needs to login to the TCS NextStep (https://nextstep.tcs.com/campus/) in the ‘IT’ section (Not BPS), fill in the required fields, and submit.
• The participant will receive a pop-up with the TCS NextStep reference ID (CT/DT number). TCS NextStep reference ID (CT/DT number) is mandatory for participating in the contest.
• Apart from the TCS NextStep reference ID (CT/DT number) generated through TCS Next Step, the participant will receive a unique credential to take part in the contest.
• This credential is of utmost importance and should not be shared with any other participants.
• During registration, participants interested in the contest will register on the site along with the necessary profile details.

Structure

• The contest will be conducted in two rounds. The first round (“Round 1”) is an online ‘Catch the Flag’ competition where all participants can take part and they will be shortlisted for the next round basis qualification.
• Participants shortlisted after ‘Round 1’ will move to the second round (“Round 2”), which will be conducted over (Microsoft TEAMS/Webex) and participants will have to keep their camera switched ‘ON’ during the entire period of the ‘Round 2’
• The final round will be conducted in person. It will be a Jury evaluation round at TCS premises. The details of which will be intimated to the qualified participants.
• TCS will arrange for remote modalities of evaluating a select list of participants from Round 1. Shortlisted participants are required to stay tuned for real-time updates on Round 2, dates, format etc.
• Participants shall be solely responsible for keeping track of the announcements and participating accordingly.

Round 1

This will be an online challenge-based test where the participants would be required to log on to an online application with a set of challenge statements. These tests will require the participants to demonstrate their ethical hacking skills and their specific competency in security challenges. The set of challenge statements will be presented in three (3) categories:

• Beginner-level challenges
  • This category of challenges has been meticulously crafted for those with limited to no prior experience.
  • These challenges will be based on the fundamentals of cybersecurity, and know-how of fundamental tools and techniques.
  • Challenges focus on basic concepts like (not necessarily limited to) password cracking, simple encryption, and basic network vulnerabilities.
• Intermediate-level challenges
  • This set of challenges has been designed to test your problem-solving abilities and creative thinking.
  • As you tackle these challenges, you will have to demonstrate your knowledge of advanced cybersecurity tools and methodologies.
  • The challenges include more advanced topics (not necessarily limited to) such as web application security, SQL injection, and network analysis.
  • Will require a deeper understanding of common vulnerabilities and exploitation techniques.
• Expert-level challenges
  • This set of challenges has been categorically created to push you to the limits of knowledge and ingenuity.
  • These challenges will demand resourcefulness, a deep understanding of cybersecurity principles, and the ability to think out of the box.
  • The challenges are complex and may involve topics (not necessarily limited to) like reverse engineering, advanced cryptography, and sophisticated penetration testing.
  • Attempting these would require a comprehensive understanding of multiple cybersecurity domains.

Other Details

• N.B. – The participants are free to choose challenges from distinct categories and are encouraged to attempt all challenges across all categories and demonstrate their ability to handle different scenarios. The URL of the application will be shared before the contest begins.
• Round 1 will be for six (6) hours duration during which all the participants are required to use their skills and solve the challenge statement(s) (according to the category chosen) and submit the flags captured in the online portal.
• Post solving a challenge statement, the participant needs to capture a screenshot of the flag with the timestamp visible and prepare a detailed report in the template provided on the site with a step-by-step approach for solving a particular challenge statement.
• The detailed report should be uploaded on the site before the deadline as mentioned on the site.
  • Uploading the report on the site is mandatory and any participant failing to upload the report will NOT be considered for further evaluation.
  • This will result in the automatic disqualification of the participant from the rest of the contest.
  • Please also make sure that your report is original and does not match with any other participant’s report(s) in which case both the participants would be rendered ineligible for further rounds in the contest.
  • The participant should maintain the maximum size requirement for a report provided on the site.
• Participants are free to use tools of their choice. However, usage of tools that send a huge amount of traffic or tools that tamper with the site and/or any of its application(s)/functionalities is strictly prohibited. If any participant is found violating this, he/she will be disqualified immediately from the contest. Participants are advised to take note of the recommended tools provided by TCS on the Site.
• The submissions will be evaluated based on the following criteria:
  • Flags captured
  • Quality of report submitted
  • The approach followed for capturing the flags

Round 2

• Participants selected from ‘Round 1’ will be eligible to participate in ‘Round 2.’ Round 2 will be conducted in a remote environment and will be proctored by the TCS team.
• Activity 1: Penetration testing on hosted challenges
• The participant would be provided with the hosted challenge statements which he/she is expected to solve by using his/her intuitive skills. Challenge statements in this round might require expertise in the following areas as well:
  • System exploitation
  • Penetration testing of web applications
  • Mobile Security
  • Digital forensics
  • Threat hunting
  • Incident response
  • Source code analysis
  • Scoring will be based on the flags captured by the participants in above mentioned topics
• Activity 2: Case Explanation (3-4 hours) – Remotely
• Shortlisted participants will be invited for a case explanation round. In this round, participants will be required to explain their approach to solving challenge statement(s) and answer the queries posed by the jury panel.

Domains

Participants trained in the below security domains will have an added advantage while participating in the contest:

• Application Security
• Network security
• Java/J2EE, PHP, Python. GO
• Information security and risk management
• Ethical hacking
• Digital forensics
• Threat hunting
• Malware Analysis/Reverse Engineering
• Any security-specific certification like Security+, CEH, ISO 27001, etc.

The participant represents and warrants that

• the submission made/submitted is an original work or invention created solely by him/her;
• he/she owns all rights in the submission or otherwise has the right to submit the submission;
• the submission does not violate any contractual obligation; and
• the submission does not (i) violate any applicable laws and/or (ii) cause any form of plagiarism/infringement whether in full or in part.

The submission must not contain content

• that is inappropriate, indecent, obscene, violent, hateful, tortuous, defamatory, slanderous
• that promotes racism or hatred against any group or individual
• that promotes discrimination based on race, sex, religion, nationality, disability, sexual orientation or age
• that is unlawful, in violation of or contrary to the laws or regulations in the state province or region where the submission is developed.

Prizes

• The Participant hereby agrees and undertakes that mere announcement/declaration of being announced as a winner shall not entitle him/her to the prize/award/reward.
• Only upon complying with the Rules and fulfilling all conditions mentioned herein, to the satisfaction of TCS, shall the winning be validated.
• The top 10 Participants from Round 2 will be invited to attend the award ceremony and interact with TCS leadership.
• The top performing Participants who clear Round 2 may stand a chance to receive ‘Ninja or Digital’ provisional job offers subject to the interview process and other selection criteria as per TCS’ sole discretion and policies in effect.
• Total prizes worth up to INR 5 Lakhs are given to the top-performing participants.
• Certification of merit will be awarded to all top performing Participants.
• Exceptional performers will be given a chance to work with the TCS Cybersecurity Centre of Excellence.

How to Register?

Interested candidates can directly register through this link.

How to Login?

Click here to log in for TCS HackQuest Season 8

Deadline

23rd January 2024, Tuesday.

Click here to view the official notification of the TCS HackQuest Season 8.

Image Source