New CTF Live! Supply Chain Compromise

Extract IOCs, attribution, write detection rules, submit a report!

We built out CTF features. This is NOT a typical CTF.

Same artifacts an IR team would actually see. Same deliverables they'd write.

This is a modern supply chain compromise, like all the npm and dependency issues we're seeing.

PHANTOM - Case File CTF #1 on all facets of CTI:

  • Pull 10 IOCs out of real artifacts

  • Write up attribution and impact, conclusions backed by evidence

  • Build 3 detection rules, and test them: YARA, Snort, Sigma

  • Prepare a threat hunt with your own KQL or PowerShell query

  • Deliver a complete incident report that is manually reviewed

We’ll be doing a CTF or Challenge like this once a month moving forward.

Join up below!

Leaderboard, points, first blood, hints... and prizes!

  • CDETH voucher

  • DE&TH Challenge pack

  • 1 Month free Adventurer

  • 1 Month free Guardian

  • Walk away with the PHANTOM badge and your rank! 🔥

FREE and open to all.

Runs until Sunday May 24 at 10AM EST.

Kickoff stream earlier walking through it!

Level Effect Team
