News
 Challenges
  Solutions
 Forum
 Papers

Recently

24 January 2020

New set of challenges: Microsoft Windows kernel

A new series of challenges in Windows Kernel is now available! The first challenge is open to everyone, while the others are temporarily exclusive to premium members and will be open to the public on the following dates:

A big thank you to Synacktiv, __syscall for their challenges!
Another big thank you to und3ath & Ech0 for their work on the architecture of these exercises.


23 January 2020

Root-Me Pro : a version fully dedicated to professionals

With more than 10 years of existence, Root-Me has become the online platform offering the largest number and variety of practical content dedicated to cybersecurity (ethical hacking, devsec, forensic, etc.). Thanks to a community of nearly 300,000 members, the contributions allow Root-Me to offer realistic, documented and adapted content to the technical issues faced by cybersecurity experts. Recently, new categories of exercises have also been introduced: Blockchain Ethereum series, Windows PE series, Windows Kernel series.

Thanks to this expertise, the Root-Me platform is now used by players from all over the world, including many professionals who wish to train their teams, organize cybersecurity events (CTF, Hackaton, etc.) or detect new talents. Faced with these needs and to answer to many requests from schools and companies, we have taken the time to prepare a complete offer that you can now find on the Root Me Pro platform.

For more information, do not hesitate to contact the Root Me Pro teams!


23 January 2020

Synacktiv is sponsoring Root-Me !

Synacktiv is a company specialized in offensive security, founded in 2012 by several experts in the field. We recruit skilled people for our different teams: red teaming, reverse-engineering and development of offensive tooling. Synacktiv has a team of more than 55 security experts and 4 offices in France (Paris, Toulouse, Rennes and Lyon).

Synacktiv has received the CESTI accreditation by ANSSI (French National Agency for Computer Security) and is about to receive the PASSI accreditation.


6 December 2019

New set of challenges: AppSys/Windows

A new set of challenges on Windows binary exploitation has been published!

The first challenge is public and the remaining 3 are temporarily exclusive to premium members. These will in turn become public at the following dates:

- PE32 - Local stack buffer overflow basic: public
- PE32 - Advanced stack buffer overflow: january 3
- PE32+ Egg Hunter: february 3
- PE32+ Basic ROP: march 3


28 November 2019

API : api.www.root-me.org

An API allowing you to interact with Root-Me’s data is now available at api.www.root-me.org. The following enpoints are available:

You must be authenticated (by sending your session cookie ’spip_session’) to access it.
No rate limiting is currently set, it may evolve quickly in case of abuse

This is still a work in progress, please be mindful.


25 November 2019

New set of challenges: Programming/Ethereum

A new set of challenges on the subject of Ethereum smart contracts has been published!

The first challenge is public and the remaining 3 are exclusive to premium members. These will in turn become public at the following dates:


23 November 2019

Portal evolution: Root-Me v10

What has changed?

  • portal index has been updated and summarizes the differences between available account types :)
  • profile, score and statistics pages have evolved
  • your settings page now let you fill in an address and business information. It will help us distribute goodies for foundation members and also offer more formal interships/positions through offers brought by Root-Me Pro
  • skill badges are assigned when validating a challenge, creating a particular content or when contributing
  • a text field makes it possible to filter the list of challenges
  • the overall style evolves:
    • portal icons are now in SVG format
    • lightweight update of CSS styles
    • the new responsive design is now compatible with smaller screens

The backend also got its fair share of updates:

  • a Microsoft Windows challenge machine (!): challenge05.root-me.org
  • 20 new rooms in the CTF all day
  • dozens new virtual environment are available in the CTF All the day

Happy hacking 😉


23 November 2019

Root-Me Pro

Here we go again ^^

To meet the numerous expectations of IT security professionnals, the Root-Me association has decided to innovate once again and launched the Root-Me Pro company to commercialize services.

Stay tuned ! 😉


23 November 2019

Premium access

Faced with the recurring demands from education and industry professionals, our community model had to evolve. The creation of the premium access meets these needs by providing innovative content that will benefit the entire community.

This paying access will provide more funding for challenges that are getting more and more complex and time consuming to create. The compensation model for the challenges is thus altered to tend towards a monetary compensation reflecting the amount of time spent by the members of the foundation when creating challenges.

These challenges will be accessible for a limited period (1 to 6 months) to Premium members only. When this exclusity period ends, the challenges will be made available for everyone.

Why did we do that? Here are some of the main benefits:

  • better rewards for contributors: as a foundation member you have the opportunity to submit new challenges and get paid for it.
  • create challenges incorporating recent attack techniques and requiring environments that are often expensive (in material resources, development, management, etc.).
  • offer more content and new features each month, thanks to the support of Root-Me Pro staff.

18 July 2018

CSAW 2018

The Cyber Security Awareness Week (CSAW) is the largest student-run cyber security event in the United States. Organized by New York University (NYU), this event aims to bolster students’ awareness of cyber security (students from high schools through doctoral programs). CSAW is featuring competitions, workshops, and an industry fair allowing corporate and government organizations to promote and network with students.

The 15th contest will be held simultaneously on several continents : New-York City (NYU) for North America, in Valence (Grenoble-INP Esisar in France) for Europe and also in Israel, India and Tunisia.

The event turn around differents challenges like an entry-level CTF, an Embedded Security Challenge and others …

Inscriptions and info on https://csaw.engineering.nyu.edu/ctf