Contact us
Request demo →
Contact us
German website

6 Tips for a successful Hâck The Hague experience

by Cybersprint Blog 29 Jul 2021

Previous experiences thought us that you don't have to be an experienced hacker to successfully compete at Hâck The Hague. You definitely don’t have to know everything about all the tools and technologies, a basic knowledge can suffice. What's most important is to play on your strengths. Every person has a unique way of looking at things and can find vulnerabilities that others overlook. Rely on your own skills and creativity and use the tricks you know well.

Participating in hack events like Hâck The Hague is an excellent opportunity to enhance your hacking skills. We have selected 6 tips that will help both students and professionals prepare for this year's Hâck The Hague:

1. Update your laptop

Make sure you come with a laptop that is fully updated with the latest versions of all the tools you might need. Think for example of Kali, the most extensive package or Parrot. And make sure you have everything at your fingertips.

2. Team participation

If you participate with a team, make the most of the individual skills of your team members. We recommend to have a generalist who can keep an overview of the entire playing field, someone who knows all the ins and outs of specific tools, and someone who can dive deeper into certain areas that need further exploring. Task management is key in team collaborations. Every individual has his/her own way of looking at things and will therefore find vulnerabilities that others might overlook. Together you know more than on your own, so make sure to use each other as sparring partner during the event.

3. Role of team captain

The biggest challenge a team captain faces is to make sure that team members focus on the tasks where they add most value. Keep in touch with your team members and their efforts whilst focusing on your own job - so a bit of multitasking skills might come in handy too. Other important aspects for team captains to be aware of is that you are responsible for a timely submission of the proof of concept of your team, that you are required to be (digitally) present at the award ceremony with your camera turned on, and that you are the spokesperson for the entire team before, during and after the event.

4. Preparation

You might prepare for Hâck The Hague last minute (or not at all), but when you participate with a team it’s worthwhile to start earlier. Discuss strategy, who will be responsible for what, and how you plan to keep track of each other’s activities.

5. Refresh your skills

  • Practice by means of Capture the Flag events like the OWASP Juice Shop.
  • Another place where you can find plenty of training material to help you come well prepared is Hack the Box Academy.
  • Check out the OWASP Top Ten, a description of ten common security risks of web applications.
  • Tryhackme also offers challenges to practice your skills.
  • Certified Secure also offers all kinds of challenges, including theoretical knowledge that might come in handy. They also offer companies checklists so they can verify the digital security of their apps and systems.

6. Rules of engagement

Make sure you review the rules of engagement carefully. The rules of engagement outlines the scope of what can be hacked during the competition. Please make sure to prevent data leaks from happening, disrupting systems or websites and ensure you don't break anything. Needless to say brute-forcing and ‘flood based’ attacks are not allowed. Also, excessive generating of traffic with automatic tools such as Dirbuster, Nmap, Skipfish and so on to scan the environment broadly, must therefore be limited (non-intrusive).

Tips for students

As a student you might find these following tips from fellow students helpful:

  • 2019 Student winners Marius and Robin tell you all about their (lack of) preparation in this video and how they came to their winning hacks.
  • Check out 2019 Student winner Michael de Klein’s preparation and experience here.
  • Download the student information leaflet here.

Last but not least, keep an eye out for the Hâck The Hague website where we regularly post tips and tricks and explain how submitted vulnerabilities of past events were being resolved.

Hâck The Hague 2021 in the media

An awesome event like Hâck The Hague is bound to grab attention in the media. How many municipalities and organisations voluntarily allow their systems to be hacked? Not that many, and definitely not by 200 hackers at the same time! From interviews with hackers, to articles about the competition. We have summarised the most remarkable coverage for you in this blog post. 

read more

Hâck The Hague 2021 Press Release

The Hague, 27 September 2021 – Today the digital infrastructure of the municipality of The Hague was scrutinised by 206 ethical national and international hackers. Among the 125 reported vulnerabilities were; unsafe access to accounts, outdated software, the ability to inject malicious code into a website and an account that could be taken over completely.

read more

Hâck The Hague programme: sneak preview

We have planned an exciting programme for Hâck The Hague that will air on 27 September. Expect fun podcasts and videos about cybersecurity in all shapes and sizes. We tested citizens of The Hague on their knowledge of cybersecurity and held exclusive interviews with both professional and student hackers. What will they share? Here's a sneak peak. 

read more

Do you have a question?

Our experts have the answers

Contact us