Thijs Bosschert
Thijs is the team-lead of the team that organizes the CTF at WHY2025. Thijs has taken on this same role at OHM2013, SHA2017 and MCH2022.
Thijs has been an active CTF player for many years with teams such as Eindbazen, Jobless Hackers, Hack.ERS and Spotless. With those teams he won multiple large CTFs including multiple years of the Global CyberLympics. In his daily life Thijs is a technically-strong and creative security professional focused on solving any incident or challenge he comes across. Thijs has been active in the security field since the early 2000s, and has a background in incident response, gamification, red/purple-teaming and penetration testing. Thijs also builds escaperooms, a topic he has presented on at SHA2017.
Sessions
WHY2025 contains a lot of activities and entertainment for the attendees. This presentation focuses on two of these activities, namely the CTF (Capture The Flag) and Secret Token Game. These activities focus on a wide range of visitors, including seasoned hackers, inspired newcomers and even the youngest generation. Want to try the CTF or search for some Secret Tokens? Join this talk for an introduction and background information.
The WHY2025 Capture the Flag competition (CTF) has multiple lockpicking challenges as part of the CTF. Successfully picking these locks gives you one of the flags. To be able to create a solid CTF challenge out of an ordinary lock we had to come up with some kind of solution. We used our past experiences in CTFs as inspiration to see how we could do it better. This talk shows the concepts we came up with and which are currently used in the WHY2025 CTF.