Solve puzzles and hacking challenges to find the keys and escape the simulated universe and listen to some cool music at the same time!


The Mammoth mini-CTF is a music themed mini-CTF that is mostly self-contained in an .mp3 file which will be posted in the github repository when the contest starts. To listen to the song check it out on soundcloud.

This mini-CTF is jeopardy style with 10 challenges. The challenges are puzzle based and generally involve music related themes. They involve a wide variety of things like steganography and hiding/encoding data in various music/audio formats, a basic encryption challenge, a couple networking related challenges and even a challenge involving chatting with an AI over the phone to convince it to give you the key! No software or binary exploitation skills are required, but some challenges are significantly easier to solve with coding/scripting.

The contest will start at 2023-08-05 00:00 UTC (2023-08-04 17:00 PT) run for just over a week until 2023-08-14 00:00 UTC (2023-08-13 17:00 PT).

To register a user click here!!


Help us escape this simulated universe!! We’ve just discovered that our Project Mammoth counterparts from an adjacent universe have found a way to break out of their universe and they’ve provided us with some clues to help us escape ours as well! You can help by solving these challenges to find the keys to escape.

Key Formats and submitting results

Prizes and Such


If you’re stuck on a challenge and would like a hint, there are hints listed with each challenge on the scoreboard site. If you're still really stuck, tag us or DM @prjctmammoth on Twitter, or alternatively email us at prjctmammoth [at] -- We want everyone with an interest at all skill levels to have fun, so we're happy to help! Responses are best effort since we’ll also be attending Defcon :).

About the song

This year's theme for the song is "The sound of an exploit". It is our take on the sound of a software exploit with sounds generated by tracing vulnerable software as it is exploited by a buffer overflow.

The official contest version of the song file can be found in the github repository after the contest starts. You can also listen to the song on soundcloud, but note that only the official .mp3 has the CTF contest data encoded in it.

Note: The contest mp3 file is benign and does not contain any exploits or malicious payloads. Other than having some extra metadata embedded in it, it's a normal mp3 file and safe to open. We'll update here with a VirusTotal Scan link for reference when the contest starts.



File Hashes

SHA1 hashes: