Inaugural Annual Edition • April 19-21 · VIT-AP University, Amaravati
RECON 2026
India's premier student-led DEFCON-style cybersecurity conference. Three days of offensive security, competitive hacking, and direct access to 600+ driven security engineers.
600+
Security Enthusiasts
72H
Nonstop Operations
10+
Security Villages
₹4.97L
Event Budget
Why This Exists
NOT ANOTHER TECH FEST
Recon is a national-level, security-focused, DEFCON-style campus event built for high technical credibility, real engagement, and zero compromises on safety.
Mission: Run a 3-day cybersecurity immersion under strict university constraints — sandboxed offensive security, real infrastructure, actual skill assessment — not a glorified seminar with PowerPoints.
Primary Outcomes
✓4 keynote/talk blocks delivered on schedule
✓1 overnight CTF delivered end-to-end
✓1 overnight KOTH delivered end-to-end
✓10+ side events on published schedule
✓Zero legal/policy breaches / safety incidents
Secondary Goals
→15+ sponsors/partners active
→450+ active attendance, 250+ outstation
→Live social + campus screen media footprint
Backed by IIT Madras. Organized by Open Source Community + Null Chapter at VIT-AP. Advisory:Dr. Sibi Chakkaravarty.
Scale & Impact
BY THE NUMBERS
A fully operational security conference with the infrastructure and logistics to back it up.
600
Registered Participants
250+
Outstation Attendees
40
Trained Workforce
3
Days, 72 Hours
10+
Security Villages & Workshops
20-30
CTF Challenges
12
KOTH Target Machines
15+
Sponsor/Partner Slots
Event Schedule
THREE DAYS. ZERO DOWNTIME.
DAY 1
09:30Gates Open
10:00Inauguration
11:00
Talk 1
National Workshop on System Security: From Vulnerabilities To Trustworthy Systems
13:30
Talk 2
National Workshop on System Security: From Vulnerabilities To Trustworthy Systems
15:00All Stalls Open
17:00CTF Briefing & Break
18:00Overnight CTF begins → runs until 06:00
DAY 2
06:00Recovery & Low-Intensity Block
13:30
Talk 3
National Workshop on System Security: From Vulnerabilities To Trustworthy Systems
14:30
Talk 4
National Workshop on System Security: From Vulnerabilities To Trustworthy Systems
15:30All Stalls Open
21:30Dinner + KOTH Briefing
22:00Overnight KOTH begins → runs until 06:00
DAY 3
06:00Recovery & Adjudication
14:00Finals Highlights & Lightning Talks
16:00Awards & Closing Ceremony
17:00Teardown & asset recovery
Sponsor Demo Street runs on Day 1 (16:00) and Day 2 (16:00) — your prime window for booth traffic, challenge engagement, and direct talent conversations.
Flagship Competition #1
CAPTURE THE FLAG
12-hour overnight jeopardy-style CTF. The single largest engagement window of the event.
Format
Day 1 18:00 → Day 2 06:00. Jeopardy style with 20–30 challenges across tiered difficulty levels. Dynamic hints unlock as the night progresses. Teams of 1–4. The Top 3 teams are awarded grand prizes.
Categories
Web exploitation · Binary pwn · Cryptography · Digital forensics · Miscellaneous · OSINT. Sponsors can deploy custom challenges aligned with their tech stack.
Anti-Cheat
Account/device/IP correlation checks. VPN-logged connections tied to participant IDs. Writeup audits for top 10 teams before prize confirmation.
Infrastructure
Self-hosted CTFd on AWS EC2 (t3.xlarge). CloudFront CDN for challenge files. OpenVPN overlay for isolated challenge access. Hourly snapshot backups.
Sponsor Opportunity: Deploy a branded challenge category within the CTF. Your team writes the challenges, we handle infra. Participants associate your brand with the hardest problems they solved all night.
Flagship Competition #2
KING OF THE HILL
8-hour overnight attack/defend war on live vulnerable infrastructure. The ultimate test of offensive and defensive skill.
Format
Day 2 22:00 → Day 3 06:00. 8–12 target boxes running real vulnerable services. Teams gain points for every interval they hold a machine. Red/Blue hybrid optional for finals. Teams of 1–4. The Top 3 teams are awarded grand prizes.
Target Architecture
10× AWS EC2 instances (t3.medium) in isolated VPN subnet. Automated snapshot/restore every 30–60 min to prevent dead boxes. Security groups enforce VPN-only access.
Scoring
Point accrual per hold interval. First blood bonuses. Longest hold awards. Mandatory reset windows keep competition fair and prevent box lockouts. Target rotation maintains momentum.
Prize Logic
Top 3 overall + first blood + longest hold. Side-event passport pool rewards the top 20 point earners across all activities including KOTH.
Security Villages — Part 1
HANDS-ON VILLAGES
Rotating, immersive activity zones that keep 600 participants engaged between flagship competitions.
🔐
RFID Lock Hunt
Campus-wide clue trail leading to RFID lockbox challenges. 3 programmable locks, 8 RFID keycards, key logic rotates every 2 hours. Max 3 unlock attempts per session.
Short-format FIFA/Valorant/CS2 tournaments. 12–20 gaming rigs, 20-min slot model with app-managed queues. Passport points for winners — drives sponsor zone foot traffic.
🌐
Web Exploit Dojo
OWASP Top 10 sandbox with guided 45-min modules. Beginner & advanced lanes. Containerized targets reset every session — credentials rotated per block.
🔍
OSINT Corner
Time-boxed investigations on synthetic personas & public datasets. Social graph mapping, location inference, metadata extraction. New scenario every hour.
Security Villages — Part 2
MORE VILLAGES
From AI red-teaming to career clinics — every skill level and interest has a home at Recon.
🧬
Forensics Sprint
30-min rapid DFIR cases: memory dumps, pcap analysis, log triage, steganography. Rolling case drops every hour. Individual or pairs.
🤖
AI Red-Team Mini-Lab
Prompt injection, jailbreak defenses, model misuse case studies. Attack/defend tabletop + hands-on sandbox. Teams submit exploit chain + mitigation notes.
🐛
Bug Bounty App Quest
Hidden easter egg campaign in the event app. Legally scoped targets on isolated challenge hosts. Discoverable by participants, tracked on secret leaderboard.
💼
Security Career Clinic
CV triage, GitHub profile reviews, roadmap advising, internship prep. High engagement for non-hardcore participants — a soft landing for sponsor recruitment conversations.
🏪
Sponsor Demo Street
Fixed demo blocks with mandatory interactive components. No pure sales pitches >10 min. Resume reviews, secure coding sprints, API bug hunts, RE puzzles with swag.
Audience Profile
YOUR NEXT SECURITY TEAM
Connect with India's most driven cybersecurity talent in an environment built for authentic engagement.
65%
CS & Engineering Students
40%
Final Year (Placement Ready)
250+
Active CTF Competitors
CTF Champions
Top performers from national jeopardy and attack/defend capture-the-flag competitions, looking for real-world challenges.
Placement-Ready Seniors
Final-year students actively seeking security engineering, penetration testing, and SOC analyst roles.
Security Researchers
Students publishing CVEs, discovering vulnerabilities, and contributing to open-source security tooling.
Community Leaders
Active members and leads of Null chapters, OWASP student chapters, and university security clubs.
Partnership Opportunities
SPONSORSHIP TIERS
Three tiers, one goal: measurable talent acquisition and brand visibility.
Title
₹2,00,000
(1 slot available)
Exclusive naming rights ("Powered by [You]")
30-minute keynote + demo slot on main stage
Premium booth in central networking zone
Full logo prominence on all event creatives
Dedicated challenge category in CTF
Direct access to participant resume database
5 all-access passes for recruiting team
Gold
₹75,000
(Up to 4 slots available)
15-minute presentation block
Standard booth with branded backdrop
Secondary stage/logo placement across venue
Sponsored challenge in CTF or workshop
Access to opt-in participant resume book
3 event passes for recruiting team
Community
₹25,000
(Unlimited slots)
Logo placement on website & sponsor wall
Shared booth or kiosk window in sponsor zone
Swag/reward partner recognition
Social media recognition pre/post event
1 event pass for company representative
Engagement Formats
ACTIVATIONS THAT CONVERT
No pure sales pitches. Recon sponsor activations must be hands-on technical experiences or direct career opportunities.
Secure Coding Sprint
45-min timed challenge. Participants fix intentionally vulnerable code in your provided tech stack. Winners get prizes, you identify top dev-sec talent.
API Bug Hunt (Sandbox)
Deploy an intentionally vulnerable API instance on our sandboxed network. Participants race to find bugs using your tools. Live leaderboard drives competition.
Cloud Security Quest
30-45 min misconfigured cloud environment challenge. Teams exploit (then secure) IAM, S3, or logging setups. Perfect for cloud talent.
Reverse Eng Micro-Challenge
30-min static/dynamic binary analysis puzzle. Sponsor provides the binary, participants retrieve the flag and explain the reasoning.
Career Booth & Speed Interviews
Continuous activation throughout Day 2. Perform on-site resume triage, portfolio checks, and give out "fast-track" mock interview tokens.
Measurable Outcomes
QUANTIFIED ROI
Trackable, predictable metrics to prove your sponsorship delivered real hiring and branding outcomes.
CVs
Qualified Candidate Pipeline (Opt-in)
Data
Challenge Performance Analytics
Media
Post-Event Content Assets
Reach
Tracked Footfall & Impressions
Talent Discovery
Receive resumes (with attendee consent) explicitly linked to challenge completion. Stop guessing skills during technical rounds — hire the student who solved your custom pwn challenge at 3 AM.
Documentation & Brand Engagement
Preliminary sponsor report delivered within 72 hours. Final detailed report (footfall estimates by slot, challenge solves, stage mentions) delivered within 7 days. All sponsors receive high-resolution photographic documentation of their branding, booths, and winning teams for internal verification and marketing.
Behind the Scenes
ENTERPRISE-GRADE INFRASTRUCTURE
We built a resilient, cloud-first architecture so operations never fail when the campus network inevitably chokes.
OpenVPN Overlay Network
Campus IT restrictions bypassed safely. All participants connect to AWS OpenVPN via custom .ovpn profiles (600+ unique configs tied to IDs). 10.8.x.x subnet access only.
AWS EC2VPNAnti-Cheat
Cloud-Hosted Flagships
CTF platform running on scalable self-hosted instances. KOTH comprises 10 isolated targets running in a locked-down VPC with automated snapshot restores.
CTFdAWS S3CloudFront CDN
Strict Compliance & Safety
All targets are strictly sandboxed. Zero-trust regarding university infrastructure. Full logging for challenge environments. Clear vulnerability disclosure policies and immediate disqualification protocol for out-of-scope attacks. Incident response playbook active 24/7.
Key Dates
PARTNERSHIP TIMELINE
Structured milestones to ensure flawless execution and mutual preparedness.
T-30
Mar 20: Sponsor commitment period opens. Select tier, outline activation format.
T-21
Mar 29: Commercial intent locked. SOW signatures and package confirmation.
T-14
Apr 5: Assets freeze. Branding assets, final copy, and initial logistics brief submitted.
Apr 28: Deliverables. Final sponsor analytics report and candidate database handover.
Let's Build This Together
SECURE YOUR HIRING FUNNEL NOW
Sponsor slots are capped to maintain event quality and ensure high ROI for all partners. Reach out to discuss how Recon 2026 fits your technical recruitment strategy.
