Rawsec was originally a French security CTF team but is now International because people from all around the world joined us. It was created in January 2016 by noraj. We frequently participate in both online and on site security Capture The Flag competitions, publish write-ups on CTF tasks.

More details about what is a CTF.

Rawsec currently has:

  • Active members:
Pseudo Position Description CTFTime profile Posts on the blog
noraj [Captain] Cyber-security engineer & Pentester link link
OddCoder [Forensic Quarterback] Freelance Software engineer link link
highsenburger69 [ROP-a-dope] High School Student Script Kiddie link
imth [Esoteric Programming Language Punter] Computer Science Student link link
pxmme [Web Offensive guard] CTF enthusiast link
fuzzer [Pwn Offensive tackle] CTF enthusiast link

Feel free to ask for joining the team, we are looking for active members. We are available on Discord. You can also try CTFTime private message or Twitter.


Rawsec is also a blog talking about IT and news but it is more focus on security and linux. The blog is also hosting Rawsec's (CTF team) write-ups. The blog is managed by noraj (Alexandre ZANNI).


In Cyber-Security, Capture the Flag (CTF) is a special kind of information security competitions. There are two main types of CTFs: Jeopardy and Attack-Defence.

CTF contests are usually designed to serve as an educational exercise to give participants experience in securing a machine, conducting and reacting to the sort of attacks found in the real world or improve their pentesting skills.

Jeopardy-style CTFs has a couple of questions (tasks/challenges) in range of categories. For example, Web Exploitation, Forensics, Cryptography, Binary Exploitation or something else. Team can gain some points for every solved task. More points for more complicated tasks usually. In some CTFs, the next task in chain can be opened only after some team solve previous task. Then the game time is over, sum of points shows you a CTF winner.

Attack-defence or Wargame is another interesting kind of competitions. Here every team has own network (or only one host) with vulnarable services. Your team has time for patching your services and developing exploits usually. So, then organizers connects participants of competition and the wargame starts! You should protect own services for defence points and hack opponents for attack points. Historically this is a first type of CTFs, everybody knows about DEF CON CTF - something like a World Cup of all other competitions.

CTF games often touch on many other aspects of information security: cryptography, steganography, binary analysis, reverse engineering, mobile security, programming and others. Good teams generally have strong skills and experience in all these issues.

The tracking of the CTF's is often done in the website ctftime.org and write-ups will be written by the players (and sometimes organizers) and will be hosted on team's blog or git repository.

Sources: CTFTime - Wikipedia 1 and 2