breves News
challenges Challenges
solutions  Solutions
news Forum
offre Offers


1 month ago #

leHACK is back in 2022

leHACK returns on June 24 and 25, 2022 at the Cité des Sciences et de l’Industrie in the heart of Paris.
The event will take place this year over 2 days of conferences and workshops, as well as the wargame which will be held as always on Saturday evening.
The Call for Paper is still open at the following address
Tickets for leHACK are on sale here


2 months ago #

MidnightFlag - INFEKTION CTF

Want to learn more about the dark side of the Cold War?
Want to participate in a beginner/intermediate level CTF?
Whether you are a student or a professional, the second edition of MidnightFlag is for you!
Choose your most reliable allies and join us in this mysterious conflict...

Whoami? ESNA students
Date? The night of April 23rd to 24th, from 8pm to 6:30am (CEST)
Location ? Online

To register, go to:
You can find the trailer here:

More information on the Twitter and Discord server of the event !

Twitter :
Discord :

2 months ago #

New cryptanalysis challenges

A new series of cryptanalysis challenges is available:

 PHP - mt_rand
 FEAL - Differential Cryptanalysis
 Side Channel - AES : first round
 Side Channel - AES : CPA

Thanks to Tosh, cb34, walafc0, NonStandardModel for their contributions!

3 months ago #


We are pleased to welcome a new Expert sponsor to support our community: OTERIA CYBER SCHOOL.

The school will open its doors in September 2022 to train the new generation of cybertalents.

Most of the first students are Root-Me regulars. Like them, come and convert your cyber fiber into practical realities, apply your talent to the challenges of today’s world.

The school is open to candidates with a minimum education of two years after graduation or two years of professional experience in IT.


  • An educational program designed by the leaders of the sector (startups and industrial groups)
  • A specialized teaching staff from the best institutions: Director of the Cyber Master’s program at Centrale Paris, Incident Responder at Airbus Cybersecurity, Gendarmerie Reservist Commander, Specialist in the fight against cybercrime, Doctoral student in cybersecurity
  • A Technical Expert in Cybersecurity training which takes place in 2 or 3 years, entirely on a work-study program, with a level 7 RNCP certified title (ie Master) recognized by the state
  • A final year of specialization:
    • Architect & DevSecOps option
    • Pentest & SOC option
    • Governance, Risk and Compliance option
  • An innovative campus, pleasant to live in, including a room dedicated to CTFs, located 15 minutes by metro from the Gare Saint Lazare
  • A privileged link with partner companies and support in finding your work-study program. Next recruitment forum dedicated to Oteria students on March 18th with Thales, Airbus Cybersecurity, Renault, KPMG, Almond, SNCF, Sopra Steria, etc.
  • Innovative and operational training tools including Root-Me PRO game environments

Make an impact and be part of the elite of cyber defenders anchored in the world around us by joining OTERIA.

To apply, visit
If you have any questions, send an email to

3 months ago #

New series of Docker challenges

Here is a series of docker oriented app-script challenges. You will learn how to use docker vulnerabilities in order to escape the containers and access the host system.

Thanks to Nishacid for these challenges !

December 2021 #

New forensic challenges

Here is a new series of mobile oriented forensic challenges.

You will be able to investigate many artifacts present in Android and iOS systems. Three challenges are available: an introduction to the investigation of an iPhone, the exploration of the RAM of an Android, as well as a complete investigation of these two types of phones.

Thanks to Worty and Itarow for these new challenges !

October 2021 #

New Web challenges : client & server

Here is a new series of client and server web challenges.
In this series, you will learn about sometimes little-known vulnerabilites, namely an introduction to Web Socket security, a first challenge about Prototype Pollution in NodeJS and an advanced PHP object deserialization.

Thank you Worty for those new challenges!

August 2021 #

New set of challenges in Web Client

Here is a new series of client web challenges on XSS DOM Based vulnerabilities.

Thanks to Ruulian for these challenges!

July 2021 #

New set of challenges in Cryptanalysis

Here is a series of challenges to discover new types of hashes that you will generally encounter during pentests on Windows infrastructure. You will learn to recognize them in the outputs of the tools from the Impacket suite.

Thanks to Shutdown, Tidusrose and Podalirius for these challenges!

May 2021 #

New App-System challenges

New mitigations make memory corruption exploitation increasingly harder. Therefore, Hackers must prove again their ingenuity against them in order to bypass these protections, and obtain a shell.
Sharpen your app-system skills with this new series of challenges!

Big thanks to kikko, voydstack and nobodyisnobody for the development of these new challenges!