Security Hackathon 2026

Security Hackathon 2026

National Cyber Security Challenge

for the BOSS PXE Secure Platform

Register Now

About the Hackathon

The Centre for Development of Advanced Computing (C-DAC), under the Ministry of Electronics & Information Technology (MeitY), Government of India, invites Ethical Hackers, Cyber Security Researchers, Security Professionals, Academic Institutions, Start-ups, Companies and Cyber Security Enthusiasts to participate in the C-DAC Security Hackathon 2026.

The Hackathon aims to independently assess the security and robustness of the redesigned BOSS PXE Secure Platform by identifying previously unknown vulnerabilities that could enable unauthorized access or compromise critical components.

Registration


Opens
06 July 2026 (10:00 AM IST)

Closes
10 July 2026 (11:59 PM IST)

Register Online

Competition Schedule

  • Duration: Continuous 36 Hours
  • Dates: 13–14 July 2026
  • Venue: C-DAC Chennai
  • The Hackathon shall be conducted on the redesigned BOSS PXE Solution (single round).

₹8,00,000 per Winner

Maximum Winners: Four (04)

  • Each winner will receive ₹8,00,000/- for a validated and technically unique security vulnerability.
  • Rewards are subject to validation and approval by C-DAC.
  • TDS shall be applicable as per Government of India rules.

Challenge Objective

The primary objective is identifying and successfully demonstrating vulnerabilities that enable remote access to the student terminal in the examination environment.

Conditions for reward

  • Only the first participant or team to identify and successfully demonstrate a specific vulnerability or exploit methodology shall be eligible for the corresponding reward.
  • Rewards shall be awarded only upon successful exploitation and demonstration resulting in remote access to the target examination terminal. Mere identification or reporting of vulnerabilities without successful exploitation shall not qualify for any reward.
  • Rewards shall be granted only for vulnerabilities that are original, technically unique, and not previously reported. Duplicate submissions, previously disclosed vulnerabilities, minor variations, or substantially similar exploit techniques shall not qualify for additional rewards.
  • All reported vulnerabilities shall be evaluated and validated by a Technical Evaluation Committee constituted by C-DAC. The decision of the Committee regarding originality, uniqueness, technical validity, severity, successful exploitation, and eligibility for reward shall be final and binding
  • Participants are eligible for rewards only for exploits involving software-based hacks. Exploits that are solely hardware-based will not be eligible for rewards.

Eligibility

  • Ethical Hackers
  • Cyber Security Researchers
  • Faculty Members
  • Government Organisations
  • Public Sector Undertakings
  • Private Companies
  • Start-ups
  • Freelancers
  • Security Consultants
  • Registered Teams

Minimum Age: 18 Years

Individual or Team (Maximum 2 Members)

Rules & Methodology

  • Participants may use any legal security assessment tools and techniques.
  • Rewards will be based on validated, technically unique vulnerabilities.
  • Rewards follow First-In-First-Out (FIFO) validation.
  • Duplicate submissions are not eligible.
  • Maximum four winning vulnerabilities.
  • Technical Evaluation Committee decisions shall be final.

Travel, Boarding & Lodging

Travel, boarding and lodging will be provided by C-DAC for a maximum of two participants per qualifying team.

Participation Rules

  • Online registration is mandatory.
  • Reporting instructions and participation credentials will be shared with eligible participants before the event.
  • Participants are required to use only the laptops provided by CDAC for all hackathon-related activities. The use of personal laptops is not permitted. Participants may install any software or tools required for the hackathon on the allotted CDAC laptops during the event.
  • Internet connectivity will be provided through a separate designated machine made available by CDAC.
  • The use of any additional electronic devices or equipment, including external storage devices, mobile computing devices, or any other peripherals, is permitted only with the prior approval of the concerned CDAC authority.
  • All participants must carry their original Aadhaar card for identity verification. A photocopy of the Aadhaar card must also be submitted for verification purposes.
  • Participants must comply with the Hackathon Rules, Code of Conduct and all instructions issued by C-DAC.
  • C-DAC reserves the right to verify the credentials of participants and to accept or reject any nomination or invitation without assigning any reason. The decision of C-DAC shall be final and binding.
  • C-DAC shall reserve the right to verify the identity and eligibility of every participant at any stage of the Hackathon. Submission of false, misleading, or incomplete information shall render the participant liable for rejection of registration, disqualification, or cancellation of any prize awarded. All participants shall execute an appropriate Non-Disclosure Agreement (NDA) prior to participation.
REGISTER FOR SECURITY HACKATHON 2026

For any queries Email: bosslinux@cdac.in

Top