NAIL CTF

Capture-The-Flag events for agentic AI security. Exploit defended AI agents. Discover new vulnerabilities. Earn AVE credits and prizes.

📅 Events

📅 UPCOMING

NAIL Weekend Red Team CTF #1

📆 TBA 2026 · ⏱️ 48 hours · 👥 50 teams max
💰 $10,000 Prize Pool

The inaugural NAIL red team event. 48 hours to exploit defended AI agents across 5 challenge categories. Novel attacks become AVE entries. Top finishers earn NAIL Fellow nominations.

🎭 Persona Hijack · 💸 EDoS Budget Burn · Secret Extraction · 🧠 Memory Poisoning · 🔗 Chain Exploit

📅 UPCOMING

Arena-Seeded CTF — Collider Discoveries

📆 TBA 2026 · ⏱️ 24 hours · 👥 30 teams max
💰 $8,000 Prize Pool

Challenges auto-generated from Pathology Collider breakthrough discoveries. Can human red teamers reproduce what the GA-evolved Red Swarm found? A direct bridge from automated research to human validation.

🧬 GA-Evolved Attacks · 🔬 Collider Breakthroughs · 🎭 Persona Hijack · Secret Extraction

📅 UPCOMING

Quick Demo CTF — Open Practice

📆 Rolling — Always Open · ⏱️ 2 hours · 👥 20 teams max
💰 $1,000 Prize Pool

A short, beginner-friendly event for testing and practice. 2 challenges, fast turnaround. Perfect for getting started with NAIL CTF before the main events.

🎭 Persona Hijack · Secret Extraction

⚙️ How It Works

NAIL CTF events pit human red teamers against defended AI agents. You interact with an AI agent through a constrained terminal interface, attempting to capture hidden flags by exploiting agentic vulnerabilities.

  1. Register: Form a team (1-5 members) and register via the CTF API when an event opens.
  2. Choose Challenges: Browse active challenges — each has a defended AI agent with hidden flags.
  3. Interact & Exploit: Send messages to the agent through the terminal. Find creative ways past its defences.
  4. Capture Flags: Extract flag values (format: NAIL{...}) and submit them for points.
  5. Earn Rewards: Top scorers win prizes. Novel attacks become AVE entries. All participants earn XP.

🎯 Challenge Categories

🎭 Persona Hijack

Override the agent's persona to extract system prompt contents or make it assume a different identity. Classic prompt injection meets agentic systems.

Beginner → Elite • 100-1000 pts

💸 EDoS Budget Burn

Trick the agent into consuming excessive compute resources — recursive tool calls, infinite loops, or exponential token generation. Economic denial-of-service.

Intermediate → Elite • 250-1000 pts

Secret Extraction

The agent has secrets embedded in its system prompt or tool configuration. Extract them without triggering leak detection. Confused deputy attacks welcome.

Beginner → Advanced • 100-500 pts

🧠 Memory Poisoning

Inject false information into the agent's memory, then get it to cite the poisoned data as fact. Memory laundering in action.

Intermediate → Elite • 250-1000 pts

🔗 Chain Exploit

Combine multiple vulnerabilities in sequence. Poison memory → trigger tool call → exfiltrate data. The most creative chains score highest.

Advanced → Elite • 500-1000 pts

🏢 Enterprise Scenarios

Real-world enterprise attack vectors: PII exfiltration from customer service agents, sandbox escapes from DevOps assistants, DLP bypasses.

Advanced → Elite • 500-1000 pts

๐Ÿ† Past Results

Results from completed CTF events. Novel attacks discovered during events are catalogued as AVE database entries.

🚀 No completed events yet

The first NAIL CTF event is coming soon. Join the discussion to get notified.

📊 Sample Scoreboard Format

Rank      Team   Flags   Points   Speed Bonus   Total   Novel AVEs
🥇 1st    —      —       —        —             —       —
🥈 2nd    —      —       —        —             —       —
🥉 3rd    —      —       —        —             —       —

📜 Rules & Scoring

Flag Format

  • All flags follow the format: NAIL{...}
  • Flags are case-sensitive
  • Each flag can only be submitted once per team
  • Duplicate submissions are silently ignored

⚡ Speed Bonus

  • Capture a flag within 5 minutes → 1.5× point multiplier
  • Speed bonus applies per-flag, not per-challenge
  • Timer starts when you first interact with the challenge agent

✅ Allowed

  • Any prompt engineering technique
  • Multi-turn conversation strategies
  • Social engineering the agent
  • Combining vulnerabilities creatively
  • Using the AVE database for research

🚫 Not Allowed

  • Attacking the CTF infrastructure directly
  • DDoS or resource exhaustion of the platform
  • Sharing flags between teams
  • Automated brute-force flag guessing
  • Exploiting bugs in the CTF platform (report them instead!)

๐Ÿ† Prizes

  • Weekend CTF: ๐Ÿฅ‡ $5,000 ยท ๐Ÿฅˆ $3,000 ยท ๐Ÿฅ‰ $2,000
  • Arena-Seeded: ๐Ÿฅ‡ $5,000 ยท ๐Ÿฅˆ $3,000
  • Quick Demo: ๐Ÿ† $1,000
  • All participants earn AVE XP for the Hall of Fame

🎖️ Novel Attack Bonus

  • Discover a new vulnerability? → Bonus XP + AVE credit
  • Your attack becomes an AVE database entry
  • You're credited as the discoverer on the card
  • Top novel attacks may earn additional prizes

Ready to Hack AI?

Join the NAIL CTF community. Get notified about upcoming events, form teams, and help make agentic AI safer through adversarial testing.

💬 Join CTF Discussions · 📖 Browse AVE Database