What is Native Client?
Native Client is an open-source research technology for running x86 native code in web applications, with the goal of maintaining the browser neutrality, OS portability, and safety that people expect from web apps. We’ve released this project at an early, research stage to get feedback from the security and broader open-source communities. We believe that Native Client technology will someday help web developers to create richer and more dynamic browser-based applications.
About the contest
Do you think it is impossible to safely run untrusted x86 code on the web? Do you want a chance to impress a panel of some of the top security experts in the world? Then submit an exploit to the Native Client Security Contest and you could also win cash prizes, not to mention bragging rights.
What is the contest
This is a contest with the goal to test the security of Native Client.
To participate, you will need to:
- Register yourself (or your team)
- Download our latest build
- Join the NaCl discussion group
- Report the exploits you find to our team
You can register for the contest on Wednesday, February 25th 2009. The contest will end on Tuesday, May 5th 2009 at 11:59:59 Pacific time. Sign up early to start reporting exploits as soon as possible.
What’s in it for you
Participating in the contest means that you will engage with early stage research technology. In addition, your work will be reviewed by a panel of security experts from some of the world’s most renowned universities, chaired by Edward Felten of Princeton University. Finally, by submitting high impact bug(s), you will also have the chance to compete to win one of our five cash prizes, as well as the recognition of your peers.
Eligible participants that are ranked in the top 5 positions of the competition by Judges will receive the following awards in U.S. Dollars based on their rank:
1st prize: $8,192.00
2nd prize: $4,096.00
3rd prize: $2,048.00
4th prize: $1,024.00
5th prize: $1,024.00
Winning Entries will be announced on or about December 7th.
- Dradis v2.9 – Information Sharing For Security Assessments
- MagicTree v1.3 Available For Download – Pentesting Productivity
- Kvasir – Penetration Testing Data Management Tool
- 2007 Hacker Reverse Engineering Challenge
- Mac owned on 2nd day of Pwn2Own hack contest
- Odysseus Proxy for MITM Attacks Testing Security of Web Applications.
Most Read in General Hacking:
- 10 Best Security Live CD Distros (Pen-Test, Forensics & Recovery) - 1,133,888 views
- Hack Tools/Exploits - 577,275 views
- Password Cracking with Rainbowcrack and Rainbow Tables - 411,940 views