Challenges & Games

BOTNET game caveat · primary project source · documented

The project page describes unauthenticated remote command execution within the badge's Bluetooth mesh as an event game mechanic and explicitly ties it to the badge ecosystem.

The catalogue records the game behavior without implying broader real-world botnet capability beyond the AND!XOR badge network described by the project owners.

AND!XOR DC27 project page.

CTF and sponsor boundary · official source wording · documented

The official CTF page says there were no physical challenges in 2025, and the sponsors page proves the BitSight Badge Sponsor slot but not the badge design, sponsor-logo placement details, or production vendor.

The record avoids turning the electronic badge into a proven badge-CTF platform or adding unsupported physical-design claims.

BSidesLisbon 2025 CTF and sponsors pages.

CTF boundary · official source separation · documented

The official page also announces public CTF challenge source, but does not connect those CTF files to badge hardware or badge firmware.

The catalogue avoids merging the online CTF archive into the badge record without source-backed badge integration evidence.

CarolinaCon Online 2021 official page.

CTF firmware release caveat · official badge page · source still pending

The official badge page still says the CTF challenge firmware source code will be released after the event, but the public sources checked in this pass did not expose that release.

The catalogue keeps the CTF flashing-station workflow as source-backed event behavior while avoiding a false claim that the CTF firmware source has already been published.

Disobey 2026 badge page and public repository refresh.

CTF/backend archive boundary · public firmware and write-up sources · partial archive

The public firmware and write-up repositories document major badge CTF surfaces, but this pass does not prove that every private backend, provisioning script, factory image, key, leaderboard implementation, or organizer service has been published.

Software claims stay limited to the recovered TechMaker post, public firmware tree, public CTF writeups, and talk material.

NoNameBadge public firmware project and Coders in UA CTF write-up repository.

CTF/backend archive boundary · public article, firmware tree, and write-up sources · partial archive

The public firmware archive omits the private CTF portion by TechMaker's own framing, and the CTF write-up repository reconstructs public challenge paths rather than proving that every backend, provisioning, leaderboard, key, or organizer service was released.

Software claims stay limited to the recovered TechMaker article, public firmware tree, schematic, and CTF write-up repository.

NoNameBadge 2020 public firmware project and Coders in UA CTF write-up repository.

EEPROM corruption recovery · primary docs · documented recovery path

The troubleshooting section documented an unresponsive three-red-light state as EEPROM corruption and directed attendees to Badge.Team members for quick reprogramming.

The record captures both a failure mode and the on-site support workflow that kept the challenge playable.

HackerHotel 2020 troubleshooting docs.

Uber Badge caveat · official registry · documented; no 2026 awardee claimed

The current Uber Badge page documents the lifetime-admission award model and public registry, but the public registry does not list a 2026 badge-challenge winner as of the current recheck.

The catalogue treats Uber Badges as an award lineage attached to the challenge and avoids naming unverified 2026 winners.

BSides Tampa Uber Badge registry page, rechecked 2026-05-21.

analog scope · source-backed · documented

DEF CON 23's official badge is documented as a fully analog playable record rather than an electronic board.

The compendium avoids MCU, firmware, LED, battery, and circuit claims and records the audio, physical, lanyard, and printed clue surfaces instead.

Hackaday, The Register, and DEF CON 23 challenge writeups.

archive split · current source trail · documented

Badge facts are split across the NearForm repository, hardware directory, NodeBadge app page, Espruino event note, and Hackaday report.

The dossier separates hardware, software, event, and challenge claims by source instead of treating one page as a complete archive.

NearForm GitHub repository, nodebadge.org, Espruino, and Hackaday.

archive-depth caveat · source-backed but incomplete · needs deeper artifact inventory

The public repository preserves firmware, Gerbers, SPI tools, troubleshooting, and a flash image, while this pass does not audit every firmware commit, CTF flag, Slack hint, scoreboard state, patch, land-mine flag, or physical drop artifact.

The record captures the verified hardware/software surfaces without claiming complete CTF reconstruction or complete production logistics.

AND!XOR DC28 RTFM, CTF walkthrough logs, and GitHub repository.

artifact classification · official wiki sources · modeled conservatively

The public sources prove a Shadybucks wristband, Shady Tag identity workflow, and badge CTF entry path, but not a recovered universal electronic PCB badge archive.

The record is classified as an identity/payment and CTF artifact instead of inventing electronics, components, firmware, or distribution details beyond the official wiki.

Shadybucks and Euphoria CTF wiki pages.

artifact classification · primary official media attachments · documented narrowly

The recovered sources prove official 2021 badge-art variants, but not a physical badge, lanyard credential, electronic badge, PCB, firmware, badge challenge, or production/distribution quantity.

The entry is modeled as official role and competition badge artwork instead of being upgraded into an unsupported hardware badge.

Ekoparty attachment titles for attendee, speaker, workshop, ACFT, ICFT player, and Lado B variants.

artifact classification · primary writeup · documented

The source proves a custom Game Boy game artifact for H2HC, but not a conference PCB badge, firmware repository, or electronic badge board.

The entry is classified as a playable event artifact rather than upgraded into unsupported electronic-badge claims.

Security-Bits H2HC 2023 Game Boy writeup.

artifact detail boundary · official sponsorship source but narrow · classified as badge-sponsor inventory

The recovered public source trail proves a Badge Sponsor slot for the 2025 event, but does not prove an electronic badge, final printed credential design, lanyard artwork, sponsor imprint, attendee distribution count, schematic, PCB, firmware, challenge behavior, or production files.

The dossier preserves the real public badge-sponsor evidence while avoiding unsupported hardware or final-artifact claims.

BSides Cape Town 2025 sponsor page and Quicket event page.

artifact-depth caveat · source-limited · needs official badge archive recovery

The recovered notes prove a paid badge option, but they do not say whether the badge was printed, electronic, PCB-based, lanyard-only, challenge-enabled, or produced in a specific quantity.

The catalogue keeps the 2018 record as a paid-badge entitlement and avoids unsupported physical or electronic details.

Arizona LoCo Team September 2018 notes.

artifact-depth caveat · source-backed but incomplete · needs deeper archive recovery

This pass relies on contemporary Hackaday technical coverage and DEF CON host-event context but does not recover an official Queercon 16 badge repository, firmware archive, full ARG ruleset, or production photo set.

The catalogue records verified hardware and social-game behavior while leaving firmware, challenge, and complete variant archaeology for a later pass.

Hackaday Queercon 16 article and DEF CON 27 host archive.

attendee reverse-engineering shortcut · attendee writeup · documented

Cryptax documents extracting and decrypting the flag database through the MicroPython filesystem rather than solving every challenge through the intended path.

The record keeps this as a CTF-solving and archive detail rather than treating it as a badge defect or official intended workflow.

Cryptax BSides Kristiansand Badge CTF 2025 write-up.

audio-artifact caveat · source-backed but incomplete · needs deeper artifact inventory

Public sources document the cassette, liner, lanyard, and media-server availability, but this pass does not mirror or audit every audio file, transcript, tape variant, or final puzzle solution branch.

The catalogue records the verified analog badge surfaces and leaves complete audio forensics for a later artifact-level pass.

DEF CON forum challenge post, Hackaday hands-on article, and CIRCUITS TO KERNEL writeup.

boot timing caveat · public badge guide · historical

The guide says the badge sends its interesting serial output during boot and users may see nothing if they connect too late; it estimates about 90 seconds before the OS and CTF app finish booting.

This captures a practical beginner trap: the badge worked, but the serial workflow depended on reconnect timing and terminal setup.

Jump ESP, jump! badge guide and migrated mirror.

budget scope · current project page · documented caveat

Badge.Team explicitly calls out fitting the LoRa, keyboard, big-screen, ESP32-P4 ambition into budget as the next challenge.

The final badge may differ from the early public ambition, so hardware claims should be revisited when production docs are published.

Badge.Team homepage HackerHotel 2027 section.

builder-completion caveat · primary project and Hackaday article · documented

Public sources describe the badge as a PCB canvas with space for builders to add their own electronics, including a MicroMod variant, rather than a complete stock electronics-and-firmware package.

The record avoids inventing a fixed MCU, app set, puzzle, or firmware behavior for the base Remoticon.2 template.

Hackaday article, Hackaday.io project description, file list, and project logs.

challenge-archive caveat · organizer walkthrough · partial public reconstruction

The walkthrough documents the solved path, but this pass does not preserve all original challenge pages, audio, images, or server state.

The catalogue summarizes the puzzle structure while avoiding claims that the live challenge infrastructure remains complete.

2021 Kākācon badge challenge walkthrough.

challenge-archive caveat · organizer walkthrough · partial public reconstruction

The walkthrough documents the solved path, but this pass does not preserve all original challenge pages, images, or server state.

The catalogue summarizes the puzzle structure while avoiding claims that the live challenge infrastructure remains complete.

2022 Kākācon badge challenge walkthrough.

challenge-artifact caveat · source-backed but incomplete · needs deeper artifact inventory

Public sources document hardware, firmware updates, SAO/IR hints, serial/Morse material, and solving paths, but this pass does not mirror or audit every firmware image, forum attachment, add-on, or final badge state.

The catalogue records the verified hardware and challenge surfaces while leaving full artifact preservation for a later pass.

DEF CON forum badge-hacking thread, Hackaday hands-on article, and Science Viking Labs writeup.

challenge-artifact classification · official C517 source plus first-hand finalist writeup · documented

The ESP32 trinket is documented as a TISC finals challenge device handed to finalists, not as an all-attendee DEF CON Singapore badge or universal conference credential.

The catalogue includes it as a source-backed C517 Village challenge artifact while avoiding an official admission-badge claim.

CSIT C517 Village page, U-Zyn Chua finalist writeup, and DEF CON Singapore event page.

challenge-author caveat · first-hand writeup · documented

The challenge author states that he did not have a badge before the conference and used Yardstick One hardware to mimic the badge RF environment during development.

The dossier distinguishes the badge hardware from the off-badge development and challenge-server test setup.

SensePost BSidesCPT17 RFCat challenge writeup.

challenge-completion caveat · primary retrospective · documented

The retrospective says more than four dozen people actively worked on the B.E.N.D.E.R. challenges, but that no individual player beat the full game during the event because progress was spread across different challenge areas and social collaboration did not converge in time.

The software record describes the intended and observed challenge surface without implying a completed public solve path for every attendee.

AND!XOR DC26 retrospective.

challenge-detail caveat · official source but intentionally narrow · needs post-event walkthrough

The badge-challenge page deliberately withholds hints and says it is possible there may not be a winner this year; this pass did not recover an official puzzle solution, final badge artwork, clue inventory, or challenge source archive.

The entry keeps the challenge description narrow until an official or first-hand walkthrough appears.

BSides Tampa 2026 badge-challenge page.

challenge-spoiler source caveat · source-backed · documented caveat

The strongest surviving public technical sources are post-event challenge writeups that contain flag-recovery detail rather than neutral hardware documentation.

The catalogue uses them to prove badge behavior and firmware surfaces while avoiding full solution reproduction in the main badge summary.

Darkglade Ruxcon 2017 HHV Badge Flag Part 1 and Part 2 writeups.

challenge-spoiler source caveat · source-backed · documented caveat

One source is a post-event challenge walkthrough that contains puzzle solutions and hidden-challenge details, not just neutral hardware documentation.

The catalogue uses it to prove badge behavior and puzzle surfaces while avoiding full challenge-solution reproduction in the main badge summary.

semaja2 BSides Adelaide 2025 Hardware Badge Writeup.

challenge-spoiler source caveat · attendee writeup · documented

The strongest technical source is a post-event writeup containing all six flag strings and solution details.

The catalogue uses the writeup to prove challenge behavior while avoiding full challenge-solution reproduction in the badge summary.

elmo Off-By-One 2024 Hardware Badge writeup.

community-port input caveat · community repository · documented

The nofrendo port documented working display, buzzer audio, SPIFFS ROM loading, and a START-button workaround, but also noted that more button configuration was still TODO because the badge did not have buttons.

The page separates an impressive post-event software port from a complete game-console experience.

arduino-nofrendo Fri3D Camp Badge repository.

component-source gap · source-limited · unrecovered

The public trail proves electronic hardware badges and badge software/challenge behavior, but no complete 2018 schematic, BOM, PCB source, final firmware tree, or manufacturing archive was recovered in this pass.

The record avoids unverified controller, pinout, schematic, or production-detail claims.

2018 HackRVA recap, HackRVA wiki, official layout, CTF archive, and InfoconDB.

component-source mix · primary repo plus secondary article · documented

Exact module and LCD identifiers come from the hardware archive, while user-facing behavior such as CR2032, NFC, challenge, and unlock details are drawn from Hackaday's technical report.

The page avoids extrapolating a complete BOM, shipped firmware history, or production quantity beyond the recovered sources.

NearForm hardware README and Hackaday article.

controller-mode caveat · repository README · source published

The README says at least one of the two control paths must be soldered: shield-only operation gives OLED mini-game behavior, while the recommended fuller experience uses the ESP32 Wemos D1 module and related support parts.

The record separates the minimal shield/display experience from the ESP32 and RF-detector build path instead of treating every configuration as identical.

ElectronicCats/badge-44con-2025 README.

destructive reflash caveat · repository README · documented

The README warns that reprogramming erases badge memory, including challenge progress and custom messages.

Surviving-badge owners should preserve state before using the documented post-event firmware path or DFU flashing workflow.

Saintcon 2019 Enigma Badge README.

disappeared project-page caveat · live page audit · needs archive recovery

The repository README links the historical `secyc23badge` page, but that URL currently returns a WordPress 404.

Future work should recover an archived copy before adding additional lore, instructions, or imagery from the original project page.

FluxDecoder README and live 404 at https://www.se.community/secyc23badge/.

distribution scope caveat · official event page · documented source limitation

The official page proves hackable badges at CyberThreat 2024 and describes in-person delegate hands-on opportunities, but does not publish exact badge quantity, ticket-tier eligibility, or whether every on-site attendee received one.

The catalogue records the badge as a CyberThreat 2024 challenge artifact without inventing a universal distribution count.

CyberThreat official event page.

distribution scope caveat · badge-maker writeup · documented

Badge Pirates says only 250 preregistration attendees received electronic badges, organizer/speaker/volunteer/Jr Hacker batches totaled 128 hand-assembled boards, and non-electronic participant PCBs carried crypto-challenge clues.

The catalogue avoids implying every BSidesKC attendee had a fully electronic badge while still recording the verified electronic badge ecosystem.

Badge Pirates BSidesKC 2019 badge writeup.

distribution scope caveat · official source wording · documented

The source describes CTF participants grouped into teams of eight and does not say that every conference attendee received this badge.

The badge is classified as a CTF team hardware artifact rather than a confirmed all-attendee admission badge.

NorthSec past-editions page.

documentation/lore · primary wiki · historical

The clue list and badge behavior are preserved, but the wiki notes some details were only filled in after EMWave had passed and still left some answers to be added.

The hidden-beacon mechanic is source-backed, while exact participant gameplay reconstruction remains partial.

EMF Badge Wiki SiNE page.

e-paper app constraints · app writeup · historical

The Gameboy emulator writeup highlights the challenge of adapting fast interactive graphics to an e-paper badge display.

This is useful lore for app-store records: the badge could run surprising software, but display technology shaped what was practical.

SpritesMods e-ink Gameboy writeup.

electronic badge not proven · official guide but intentionally narrow · classified as identity artifact

The official guide proves a paid-attendee Survival Kit with conference badge, lanyard, and sticker set, but does not prove an electronic badge, PCB, firmware, components, production run, shipped count, or challenge behavior.

The dossier preserves the pandemic-era badge/lanyard artifact without upgrading it into unsupported electronics.

RC14 Quick Guide.

electronic badge not proven · source-backed but incomplete · classified as physical identity artifact

The recovered public sources prove a Human/Human+ badge-and-lanyard inclusion and lanyard artwork, but do not prove an electronic badge, firmware, PCB, component stack, challenge behavior, or badge variant taxonomy.

The dossier preserves ROOTCON 17 as an attendee identity artifact and avoids upgrading the record into unsupported electronics.

RC17 Conference Overview, RC17 Pocket Guide, and ROOTCON 17 Art directory.

electronic badge not proven · source-backed but intentionally narrow · classified as entry/admission artifact

The recovered public sources prove limited Entry badge availability and closed-conference registration context, but do not prove an electronic badge, PCB, firmware, component stack, challenge behavior, physical badge design, or lanyard artwork.

The dossier preserves Zer0Con 2024 as an admission-badge availability record without inventing electronics or a physical credential design.

Zer0Con 2024 archive and POC Security official update trail.

electronic badge not proven · source-backed but intentionally narrow · classified as entry/admission artifact

The recovered public sources prove limited Entry badge availability and closed-conference context, but do not prove an electronic badge, PCB, firmware, component stack, challenge behavior, physical badge design, or lanyard artwork.

The dossier preserves Zer0Con 2025 as an admission-badge availability record without inventing electronics or a physical credential design.

Zer0Con 2025 archive and POC Security official update trail.

electronic badge not proven · source-backed but intentionally narrow · classified as entry/admission artifact

The recovered public sources prove limited registration availability and closed-conference context, but do not prove an electronic badge, PCB, firmware, component stack, challenge behavior, physical badge design, or lanyard artwork.

The dossier preserves Zer0Con 2026 as an admission-badge availability record without inventing electronics or a physical credential design.

Zer0Con 2026 official page and POC Security official update trail.

electronic-badge evidence gap · source-backed limitation · documented; monitor future updates

The recovered official sources prove badges as sponsorship/logo-placement artifacts, but they do not describe a PCB, firmware, soldering project, hardware challenge, QR workflow, lanyard design, production quantity, or exact physical badge design.

The catalogue classifies this as a conservative conference identity artifact instead of an electronic badge or badgelife project.

BSides Reykjavik sponsorship packages and 2026 event pages.

event scope caveat · official summit page plus badge repository · documented

The official page frames GreyCTF Summit 2025 as a cybersecurity summit with talks, workshops, booths, and GreyCTF context, while the repository frames the artifact as the GreyCTF 2025 badge. This record treats it as a source-backed Singapore hacker-culture/security badge without overclaiming universal public distribution.

The event and badge are included, but distribution and admission-credential claims remain conservative.

GreyCTF Summit 2025 page and NUSGreyhats/greybadge25 README/release trail.

event-software caveat · project-owner writeup · documented

HackRVA noted time pressure around the scoreboard and base-station/game content, so the record treats some game/networking elements as planned or constrained rather than fully proven completed behavior.

The entry separates source-backed plans, public interpreter code, and final-event uncertainty.

HackRVA RVAsec 8 layout post.

field-accessory availability · primary docs · historical

The getting-started notes say USB-serial adapters and headphones were available only as needed, not in every badge bag.

The badge game depended on accessories that some attendees needed to borrow from the badge hacking area.

HackerHotel 2020 getting-started docs.

field-kit dependency · primary docs · documented

Badge hacking depended on attendee-supplied USB and battery power.

The official page recommended a micro USB data cable plus replacement AA batteries or a power bank, so a prepared kit mattered for camp hacking.

RomHack badge page and RHC22 README.

field-report scope caveat · official docs plus secondary field report · needs schematic-level review

The Hackaday report is useful for attendee-facing behavior and lore, but detailed component claims should still be checked against the official Badge.Team hardware repositories and schematics.

The dossier can use the report for mesh gameplay and relay-interface lore while keeping low-level hardware claims anchored to primary sources.

Hackaday field report and Badge.Team HackerHotel 2024 docs.

field-writeup scope caveat · first-hand writeup · documented

The 2025 Conference badge and Soldering village writeups document practical reverse engineering and challenge solving from an attendee perspective, but they are not a complete official challenge archive or manufacturing release.

The catalogue uses them to enrich firmware and challenge behavior while keeping authoritative hardware-source claims tied to the official NorthSec repository.

NorthSec competition write-up index and Jean Privat's 2025 badge writeups.

final-hardware archive gap · source-backed but incomplete · needs post-event technical source

Ticketing proves a cool badge and the prospectus proves electronic badge design/build was available as a supporter item, but this pass did not recover final schematics, board files, firmware, BOM, or component-level documentation.

The record does not claim processor, display, radio, CTF, battery, or shipped electronic features beyond the public sources.

BSides Brisbane 2025 Humanitix page and 2025 sponsorship prospectus.

finicky Arduino-clone caveat · badge text quoted in field writeup · historical

The quoted badge text says the board is loaded with an Arduino Leonardo bootloader and can be treated as an Arduino clone, but warns that getting everything to work and fit can be finicky.

The compendium records this as a practical attendee caveat rather than an unresolved defect: the badge was intentionally open and modifiable, but not frictionless.

Zeta-Two field writeup quoting the challenge badge text.

firmware absence caveat · source-backed but intentionally narrow · documented

The recovered sources describe a soldered RGB blinky badge, transparent PCB design, and coin-cell power, but do not document a programmable MCU, firmware, serial shell, repository, or CTF behavior for the AVTOKYO 2019 badge.

The dossier keeps the artifact as a beginner soldering-village blinky badge instead of inventing software behavior.

Hackster.io blinky-badge writeup and AVTOKYO 2019 event page.

firmware absence caveat · source-backed but intentionally narrow · documented

The recovered sources describe a soldered blinky badge, LED mounting choices, and coin-cell power, but do not document a programmable MCU, firmware, serial shell, repository, or CTF behavior for the CODE BLUE 2019 badge.

The dossier keeps the artifact as a beginner soldering-village blinky badge instead of inventing software behavior.

Hackster.io blinky-badge writeup.

firmware and artifact archive gap · source-backed but incomplete · needs post-event archive

The public source trail currently documents SAO electrical and mechanical constraints but not badge firmware, bootloader behavior, challenge source, final PCB files, BOM, shipped role variants, or production notes.

Hardware and software fields stay limited to the official SAO spec until DEF CON publishes final badge files or credible post-event technical documentation.

DC34 SAO spec PDF and DEF CON media-server badge directory path.

firmware and schematic gap · official badge guide with limited hardware depth · needs deeper archive recovery

The official badge page documents CTF behavior, CP2102 serial access, BAT CON battery handling, 9600-baud workflow, unlock codes, and safety instructions, but this pass did not recover firmware source, schematic files, BOM, Gerbers, challenge binaries, or a complete hardware archive.

The catalogue keeps the strong official badge-guide evidence while avoiding unsupported claims about the unrecovered design files or shipped firmware internals.

AvengerCon IX Electronic Badge guide and linked hints page.

firmware-and-controversy caveat · source-backed but incomplete · needs deeper artifact inventory

Public sources document the save issue, firmware archives, GB Studio game source, and DEF CON's response to contractor-credit and firmware claims, but this pass does not adjudicate every dispute, audit every firmware build, or mirror every hardware/game asset.

The catalogue records the verified public badge surfaces and flags that the production and firmware story needs a deeper artifact-level chronology.

DEF CON news and response post, media-server badge archive, badge-game repository, Raspberry Pi RP2350 sources, and community ROM writeup.

firmware-and-final-state caveat · source-backed but incomplete · needs deeper artifact inventory

Public sources document firmware dumping/modification, key combos, badge variants, and challenge flow, but this pass does not mirror every firmware image, media artifact, phone recording, badge variant, or post-win state.

The catalogue records verified hardware and challenge structure while leaving full artifact preservation and firmware archaeology for a later pass.

DEF CON forum thread, FaultPoint firmware extraction, Red Balloon Security OFRAK writeup, and Kybr challenge writeup.

firmware-detail caveat · source-backed but incomplete · needs deeper artifact inventory

Public writeups expose serial strings and interaction behavior but this pass does not unpack the full badge firmware or media-server archive.

The compendium records observed behavior and published challenge paths while avoiding unsupported claims about the badge's internal firmware architecture.

Degenerate Metric writeup, Inverse report, and DEF CON 24 media links.

firmware-scope caveat · source-backed but intentionally narrow · documented

Recovered sources prove an analog 555-timer badge kit and optional Arduino-compatible expansion path, but no CarolinaCon 12 badge firmware repository, microcontroller stock firmware, CTF code, or final attendee modifications were recovered.

The entry records the verified soldering badge and hacking surface without inventing software behavior.

CarolinaCon 12 badge section and instruction manual.

firmware-source caveat · source-backed but incomplete · needs deeper archive recovery

Hackaday.io links stock firmware source and an Arduino RGB demo, but this pass records the public project evidence rather than auditing, mirroring, or validating every firmware artifact and challenge branch.

The catalogue records verified hardware, game behavior, and recovery workflow while leaving full firmware preservation and challenge reconstruction for a later pass.

Hackaday.io THOTCON 0x8 project links and project logs.

firmware-source caveat · source-backed but incomplete · documented; monitor newly surfaced 2022 badge archives

The recovered public tree proves hardware, BOM, production, challenge-media, and SAO assets, and the official competition write-up index preserves 2022 CTF writeups, but this pass did not recover a dedicated 2022 badge firmware README, final event guide, badge-specific writeup, or complete challenge source.

The record documents verified hardware and archive surfaces while avoiding unsupported badge-game or firmware-behavior claims.

NorthSec 2022 badge hardware tree, challenge directory, and competition write-ups index.

firmware-source caveat · repository tree and decoded sketches · needs deeper firmware inventory

The firmware tree preserves Blink_Bug, AudioWAV, Chona.wav, and an EdgeImpulse note, but this pass did not audit every sketch dependency, runtime command implementation, challenge binary, audio asset provenance, or final shipped firmware image.

Software claims stay tied to the README instructions, visible firmware tree, and decoded example sketches rather than treating the repository as a complete final production firmware archive.

ElectronicCats/Badge-BugCON-2022 firmware tree, Blink_Bug sketch, AudioWAV sketch, and Edge_impulse.txt.

firmware-source gap · project logs but incomplete source recovery · needs artifact-level archive

The project logs describe firmware tracks, CAN tooling, HID/CDC behavior, and emulator experiments, but this pass did not recover a complete public final firmware repository, board-production release, or challenge/utility software archive.

Software and protocol claims are kept to the public project statements rather than treating development notes as a complete release package.

Hackaday.io LayerOne 2017 details and logs.

firmware-source gap · source-backed but incomplete · needs archive recovery

The public record proves staff firmware flashing after attendee assembly, but this pass did not recover a public firmware repository, binary release, pin map, bootloader workflow, or badge-challenge source archive.

The software section records the verified staff-flashing workflow without inventing firmware behavior or challenge internals.

Hackaday WOPR Summit field report and Russell Handorf WOPR 0x00 build guide.

firmware-version caveat · source-backed but incomplete · needs deeper artifact inventory

Public sources document firmware update paths and version checks, but this pass does not mirror or audit every media-server artifact, hex file, writeup, or internal game branch.

The catalogue records the verified hardware and update workflow while leaving complete firmware archaeology for a later artifact-level pass.

DEF CON 26 archive firmware notice, Hackaday.io solving project, and DEF CON forum curated content.

firmware/backend boundary · public firmware archive · documented

The public firmware repository preserves participant-side badge code and CTF apps, but this pass did not recover every private organizer backend, provisioning script, or final competition infrastructure artifact.

The software section describes the recovered badge firmware without overclaiming complete event infrastructure publication.

irq5.io firmware writeup and geekman/badger repository.

hardware and firmware archive gap · source-backed but incomplete · needs artifact-level archive

No public schematic, PCB, BOM, firmware repository, flashing workflow, challenge binary, radio/display/power details, or badge-team writeup was recovered in this pass.

Component and software claims remain intentionally withheld until artifact-level sources appear.

BSides Porto official site, about page, and ticketing page.

hardware and firmware archive gap · first-hand finalist source but incomplete technical archive · needs public challenge archive

The public source trail identifies ESP32 hardware and BLE mesh behavior but does not publish schematic, PCB files, BOM, firmware, binaries, protocol documentation, exact module variant, or production files.

Hardware and software claims stay limited to the finalist writeup's challenge description.

U-Zyn Chua TISC@DEFCON Singapore 2026 Finals writeup.

hardware and firmware source gap · source-backed but incomplete · needs artifact-level archive

The recovered public sources prove an electronic badge and Badge Sponsor category, but do not describe a PCB, firmware, soldering project, badge app, QR workflow, lanyard design, production quantity, challenge integration, or exact physical badge design.

The catalogue records the electronic-badge programme while withholding unsupported component, software, distribution, and interaction claims.

BSidesLisbon 2025 about page, sponsors page, CTF page, and Eventbrite listing.

hardware and firmware source gap · source-backed but incomplete · needs public technical archive

The public sources document high-level Pico/OLED/button/SAO/EEPROM/game behavior, but this pass did not recover schematics, PCB files, BOM, firmware source, protocol documentation, production files, or a public repository.

Component and firmware claims remain limited to the public product and announcement text, with no invented electronics or implementation details.

DEF CON forum announcement, RENXCHANGE product page, and DC33 schedule mirror.

hardware archive gap · official walkthroughs · needs deeper archive recovery

The walkthroughs document ATmega1284P, FTDI serial, Optiboot, flash dumping and flashing, but do not publish schematic, PCB files, BOM, component placement, enclosure files, source firmware, or manufacturing records.

Hardware and software fields stay limited to the official challenge walkthrough evidence.

CyberThreat Echo Service and A Nice Edit walkthrough PDFs.

hardware archive gap · post-event report and attendee observation · needs badge-team archive

The recovered public trail proves the electronic duck badge, CTF LEDs, and observed RP2040/MicroPython behavior, but does not expose schematics, PCB files, BOM, official firmware source, case files, or production files.

The catalogue records observed hardware and software behavior while avoiding unrecovered component, board-source, and manufacturing claims.

Noroff post-event report, BSides Kristiansand recordings page, and Cryptax technical write-up.

hardware archive gap · source-backed but incomplete · needs schematic or BOM recovery

The recovered sources document the wearable badge, OLED, controls, headers, pinouts, AVR/ISP flashing, firmware behavior, and CTF mode, but this pass did not recover a schematic, BOM, board files, exact MCU package, or production quantity.

The record stays at source-backed hardware surfaces and avoids unsupported component-level claims.

Hackster Packet Hack Badge project and GitHub firmware repository.

hardware archive gap · source-backed but incomplete · needs schematic or PCB archive

The recovered source trail proves an assembled Ruxcon 2017 HHV badge, UART adapter requirement, ESP8266/NodeMCU firmware, and challenge behavior, but this pass did not recover schematic, PCB files, BOM, manufacturing count, or exact board revision.

The record keeps component claims to ESP8266/NodeMCU evidence and avoids unsupported board-layout or production-run detail.

Ruxcon 2017 HHV page, Darkglade writeups, source-release post, and ruxconhhv2017 repository.

hardware archive gap · source-backed but incomplete · needs primary badge archive

The recovered sources document a home-made Arduino badge and running-order display, but not a schematic, BOM, firmware, exact Arduino board, display part, artwork, or production archive.

The catalogue records the verified electronic-badge behavior while avoiding unsupported claims about circuit design, parts, firmware, or challenge features.

BSides Canberra 2016 event page and The Register event report.

hardware archive gap · source-backed but incomplete · needs public badge-team archive

The public source trail documents components, visible board behavior, and challenge surfaces, but this pass did not recover a public schematic, KiCad tree, BOM, firmware repository, Gerbers, production quantity, or official badge-team release.

Hardware and software fields stay limited to the attendee writeup, licensed photos, and public event context.

elmo writeup, AiSP event listing, and current Off-By-One site.

hardware detail caveat · official source with limited technical detail · documented

The official past-editions page proves a hardware badge but does not publish component names, board files, firmware, schematics, or a repository for the 2015 artifact.

The catalogue records the badge's existence and challenge context without inventing electronics.

NorthSec past-editions page.

hardware detail caveat · official article but narrow technical detail · needs public technical archive

HTX's launch article proves a Public Safety Village badge artifact and visible illuminated emergency-vehicle icons, but no reviewed public source publishes a MCU, schematic, firmware, BOM, battery, distribution count, or challenge protocol for this badge.

The record documents the verified village badge artifact without inventing electronics, firmware, production, or distribution details.

HTX launch article, HTX Public Safety Village page, and HTX preview article.

hardware license caveat · GitHub API and repository tree recheck · no visible hardware license

The public hardware repository preserves Eagle design files and badge imagery but GitHub reported no detected license, and no top-level reusable hardware or image license was recovered in this pass.

Hardware files are cited as evidence, but repository images are not copied locally and reuse claims stay limited.

jellyjellyrobot/neander GitHub API and repository tree recheck.

hardware power caveat · source-backed · documented

The production story records that the badge's power path could not reliably support flash writes at full 80 MHz operation, requiring firmware and clocking attention.

Surviving-badge hacking and firmware flashing should respect the documented power and flash-write constraints.

Hackaday production article.

hardware privilege boundary · public badge guide · historical

Moving jumpers from UART1 to UART0 exposed a 115200 baud root-shell path after reconnecting the Omega shield.

For a learning badge this is useful lore rather than a production vulnerability: it shows how physical access and debug interfaces were deliberately part of the challenge surface.

Jump ESP, jump! badge guide.

hardware-detail caveat · source-backed but incomplete · needs schematic or firmware recovery

The official page proves four buttons, four LEDs, challenge flags, and hardware-hacking acknowledgement, but it does not publish component identifiers, schematic, firmware, PCB files, battery details, or production notes.

The catalogue records only the verified badge behavior and avoids inventing electronics beyond the public BBV Badge 2025 source.

Bug Bounty Village BBV Badge 2025 page.

hardware-detail caveat · source-backed but intentionally narrow · needs schematic or BOM recovery

The public project record proves a simple discrete marquee attendee kit, but this pass did not recover public schematics, BOM, assembly guide, firmware, battery, controller, LED count, or event-game documentation.

The catalogue keeps the record as a source-backed kit badge and avoids inventing electronics beyond the published discrete marquee description.

Hackaday.io BSides Orlando 2018 Badge project.

hardware-detail caveat · official registration source · needs hardware archive recovery

The recovered official sources prove that CactusCon 8 offered an electronic badge option and issued printed or electronic badges by ticket type, but they do not describe electronics, manufacturer, firmware, challenge behavior, production count, final appearance, or distribution beyond ticket entitlement.

The catalogue records the badge as a real registration-tier artifact without upgrading it into a specific PCB platform or game badge.

CactusCon registration update and Friday/Saturday registration pages.

hardware-detail caveat · source-backed but intentionally narrow · needs public technical archive

The recovered official sources document the electronic badge, MediaTek chipset, Wi-Fi, Bluetooth LE, joystick/game-controller input, infrared, LED display, Hackermon, Snake, and premium-ticket distribution, but do not recover a schematic, BOM, firmware repository, production count, or exact part numbers.

The dossier records the verified platform and challenge claims while avoiding unsupported component-level or firmware claims.

HITCON CMT 2017 events and ticketing pages.

hardware-detail caveat · source-backed but intentionally narrow · needs public technical archive

The recovered sources document badge mini-game behavior, card readers, NFC-reader inspection, and welcome-kit inclusion, but do not identify an exact chip, NFC tag type, memory layout, schematic, or firmware repository.

The dossier records the verified interaction model while avoiding unsupported component-level or security-primitive claims.

HITCON CMT 2023 event, location, and ticketing pages.

hardware-detail caveat · source-backed but incomplete · needs artifact documentation

The public source shows a green PCB-form speaker credential but does not disclose whether it had powered circuitry, firmware, components, schematic, NFC, RF, display, or challenge behavior.

The catalogue records only the proved speaker-badge artifact and visible PCB-form context until direct technical documentation appears.

MOS & BOO OzSecCon 2018 conference wrap-up.

hardware-detail caveat · primary source-backed but incomplete · needs badge-team release or post-event writeup

The public ticketing source proves electronic badge inclusion, but this pass did not recover a 2026 schematic, BOM, PCB file, firmware repository, final component list, production note, or shipped-badge teardown.

The catalogue does not infer microcontrollers, displays, batteries, radios, add-on connectors, games, or firmware behavior until those details are published.

BSides Canberra 2026 Humanitix ticketing page and official CFP.

hardware-detail caveat · source-backed but pre-event incomplete · needs post-event technical archive

The recovered sources document electronic badge design/build scope for 500 delegates but not the actual PCB, processor, display, battery, radio, firmware, CTF behavior, schematic, BOM, or repository.

The entry keeps component-level fields empty until official post-event or repository evidence supports them.

BSides Brisbane 2026 prospectus and ticketing pages.

hardware-detail caveat · official source but no technical badge archive · needs primary badge archive

The recovered official source does not identify the badge material, electronics, firmware, serial behavior, puzzle files, or whether the badge challenge used the attendee tag itself.

The catalogue keeps the record to identity-badge and challenge evidence until a direct technical source appears.

CHCon 2018 event page.

hardware-detail caveat · official source but no technical badge archive · needs primary badge archive

The recovered official sources do not document badge electronics, firmware, microcontroller, serial interface, display, radio, NFC, QR behavior, or a badge-specific challenge repository.

The catalogue keeps component-level fields empty until direct badge documentation is recovered.

CHCon 2019 about and sponsorship pages.

hardware-detail caveat · source-backed but incomplete · needs public schematic or participant notes

The official source documents supplied electrical components, tools, soldering, IC programming, and Arduino IDE use, but not the exact PCB, chip, battery, display, schematic, or firmware.

The record avoids inventing component-level details until a workshop handout, schematic, or first-hand writeup is recovered.

Kiwicon 2038 Intro to Badge Hacking page.

hardware-detail caveat · source-backed but incomplete · needs original badge-team archive

The current public source describes visible badge components and challenge behavior, but does not recover schematics, board files, bill of materials, firmware for the ESP badge, or a full original badge-team build writeup.

The record preserves the source-backed two-part badge without inventing component-level details that are not public in the recovered sources.

SensePost writeup and released RFCat challenge gist.

hardware-detail gap · source-backed but intentionally narrow · needs public schematic or firmware archive

The official source proves an electronic Infinity Glove badge and hardware CTF framing, but this pass did not recover component lists, schematics, board files, firmware, or challenge-source archives.

The record preserves badge existence, distribution, and CTF framing while avoiding unsupported component-level claims.

BSidesTLV 2025 electronic badge page.

hardware-detail gap · source-backed but intentionally narrow · needs public schematic or firmware archive

The official source proves a planned electronic badge and hardware CTF framing, but this pass did not recover component lists, schematics, board files, firmware, production notes, or challenge-source archives.

The record preserves badge existence and planned CTF framing while avoiding unsupported component-level claims.

BSidesTLV 2026 Hardware Village page.

hardware-source boundary · official challenge page plus attendee teardown · needs deeper archive recovery

The official WWHF page proves an electronic badge and badge CTF but does not publish a component list, schematic, BOM, firmware release, PCB files, or challenge-source archive; component-level details currently come from a post-event attendee teardown.

The catalogue records ESP32-S3, OLED, charger, LED, BLE, serial, and firmware-analysis details as teardown-backed rather than official board documentation.

WWHF e-badge page and AlrikRr NetRunSecurity badge-hacking writeup.

hardware-source caveat · source-backed but incomplete · needs badge-team archive

Public sources prove BSides Tampa 2018 event context, electronic badge assembly activity, and a visible badge/lanyard artifact, but this pass did not recover schematic, BOM, firmware, assembly instructions, controller part, battery details, or challenge-source material.

The record captures the source-backed artifact without inventing electronics or software behavior beyond the public evidence.

St. Petersburg College attendee report, Wikimedia Commons photo metadata, and badge.gallery inclusion policy.

hardware-source caveat · official source but incomplete · needs schematic, firmware, and repository recovery

The current public source describes the LilyGO T-Deck S3 base and visible feature set, but this pass did not recover a BSidesSLC badge firmware repository, schematic, BOM, Meshtastic configuration, app archive, or challenge source.

The catalogue records the verified official badge description while avoiding unsupported local firmware, challenge, or hardware-modification claims.

BSidesSLC official site and current public-source search.

hardware-source caveat · source-backed but incomplete · needs post-event source recovery

Official sources prove an electronic social badge, QR-code badge pickup, and badge-enhancement activity, but post-event public repository checks still found no 2026 branch, 2026 tag, schematic, BOM, firmware tree, component list, final badge guide, or `badge-conf-2026` repository.

The catalogue avoids inventing microcontroller, radio, LED, display, firmware, or game details until primary hardware/software sources appear.

NorthSec 2026 registration page, villages page, villages schedule, nsec/nsec-badge branch/tag checks on 2026-05-20 and 2026-05-21, attempted nsec/badge-conf-2026 lookup on 2026-05-21, and GitHub commit metadata.

hardware-source caveat · official source but technically shallow · needs primary badge archive

The official sources prove an electronic badge was introduced for the 2019 CTF, but this pass did not recover a schematic, BOM, PCB repository, firmware, controller details, display, radio, battery, badge-team writeup, or production count.

The record preserves the electronic-badge milestone while avoiding invented component or firmware claims.

Hackfest history, Hackfest 2019 schedule, and Hackfest CTF 2019 page.

hardware-source depth caveat · firmware/readme source but no CAD archive · needs hardware archive recovery

The recovered 2026 trail documents controller, display, radio, LEDs, buzzer, buttons, firmware, games, RF behavior, and ticket inclusion, but this pass did not recover schematic, PCB files, BOM, enclosure files, exact shipped quantity, or hardware errata.

The record keeps hardware claims to the official site and firmware repository without inventing a final circuit, board revision, manufacturing run, or image provenance.

HackConRD 2026 site, eBadge page, and Badge_HackConRD_2026 README.

hardware-source scope caveat · source-backed but incomplete · needs deeper post-event artifact inventory

The public repository preserves README, KiCad, BOM, schematic, and firmware material, but this pass does not mirror every CTF challenge artifact, post-event solve, manufactured-board photograph, or field report.

The catalogue records verified hardware and firmware surfaces while leaving deeper NorthSec 2025 artifact archaeology for later work.

NorthSec 2025 badge repository, README, hardware tree, and schematic PDF.

identity-artifact boundary · official source · documented

The terms prove visible badge access control for the conference floor, but do not document electronics, hardware specifications, firmware, challenges, or badge design details.

The catalogue records x33fcon 2026 as an identity-artifact badge and avoids any electronic-badge claim.

x33fcon Terms & Conditions Conference Badges section.

identity-artifact boundary · official source but limited · documented

The official source proves badge distribution at check-in but does not prove an electronic badge, hardware challenge, badge firmware, schematic, PCB, lanyard design, or badge variants.

The catalogue records the real identity artifact while avoiding unsupported electronic-badge claims.

BSides Reunion volunteer missions and official event page.

identity-artifact classification · official source · documented

The official WAHCKon ticket page proves a ticket-included badge but does not document an electronic or programmable badge.

The record is modeled as an identity artifact and avoids unsupported PCB, firmware, RF, display, NFC, or challenge claims.

WAHCKon 2013 ticket page.

identity-artifact classification · official source · documented

The recovered BSides Melbourne 2020 sources prove conference registration and lanyards, but do not prove an electronic badge or a separate printed badge artifact.

The entry is intentionally modeled as a lanyard and registration identity artifact so the Melbourne lineage expands without inventing PCB, firmware, RF, display, CTF, or programmable behavior.

BSides Melbourne 2020 schedule and sponsor page.

identity-artifact classification · official source · documented

The recovered BSides Melbourne source trail proves a badge and lanyard credential with consent and interaction-protocol signalling, but does not prove an electronic badge.

The entry is intentionally modeled as a conference identity artifact so the Melbourne lineage expands without inventing PCB, firmware, RF, display, CTF, or programmable behavior.

BSides Melbourne 2023 attendee communications and official archive.

identity-artifact classification · official source · documented

The recovered 2024 prospectus proves a badge/lanyard identity artifact with pronoun, photo-permission, and interaction-preference signalling, but does not prove an electronic badge.

The entry is intentionally modeled as a social-signal identity artifact so the Melbourne lineage expands without inventing PCB, firmware, RF, display, CTF, or programmable behavior.

BSides Melbourne 2024 sponsorship prospectus and sponsors page.

identity-artifact classification · official source · documented

The recovered CrikeyCon 2017 sources prove attendee badge pickup and special speaker badges but do not prove an electronic conference badge.

The entry is intentionally modeled as a conference identity and speaker credential so the CrikeyCon lineage expands without inventing PCB, firmware, RF, CTF, display, or programmable behavior.

CrikeyCon 2017 archive and CFP pages.

identity-artifact classification · official source · documented

The recovered CrikeyCon V source proves attendee badge pickup and special speaker badges but does not prove an electronic conference badge.

The entry is intentionally modeled as a conference identity and speaker credential so the CrikeyCon lineage expands without inventing PCB, firmware, RF, CTF, display, or programmable behavior.

CrikeyCon V official archive page.

identity-artifact classification · official source · documented

The recovered CrikeyCon VI source proves attendee badge pickup, staff badges, Friendly Bear name badges, and special speaker badges but does not prove an electronic conference badge.

The entry is intentionally modeled as conference identity, support, and speaker credentials so the CrikeyCon lineage expands without inventing PCB, firmware, RF, CTF, display, or programmable behavior.

CrikeyCon VI official archive page.

identity-artifact classification · official source · documented

The recovered CrikeyCon VII sources prove badge pickup and a CrikeyCon Connect badge marker but do not prove an electronic conference badge.

The entry is intentionally modeled as a conference identity and support-signal artifact so the CrikeyCon lineage expands without inventing PCB, firmware, RF, CTF, display, or programmable behavior.

CrikeyCon VII archive, schedule, and events pages.

identity-artifact classification · official source · documented

The recovered CrikeyCon IX sources prove badge pickup and custom accessibility badge/pin artifacts but do not prove an electronic conference badge.

The entry is intentionally modeled as a conference identity and accessibility artifact so the CrikeyCon lineage expands without inventing PCB, firmware, RF, CTF, display, or programmable behavior.

CrikeyCon IX schedule, archive page, and Humanitix ticketing.

identity-artifact classification · official source · documented

The recovered CrikeyCon X sources prove a badge pickup workflow and conference credential but do not prove an electronic badge.

The entry is intentionally modeled as a conference identity artifact so the CrikeyCon lineage expands without inventing PCB, firmware, RF, CTF, or display claims.

CrikeyCon X schedule, archive page, and Humanitix ticketing.

identity-artifact classification · official source · documented

The official CHCon 2018 source proves identification tags/badges and badge challenges but does not prove that the attendee credential was an electronic PCB badge.

The record is modeled as an identity and challenge artifact so the CHCon lineage expands without unsupported microcontroller, firmware, display, radio, NFC, or CTF-on-badge claims.

CHCon 2018 event and sponsorship page.

identity-artifact classification · official source · documented

The CHCon 2019 sources prove identification tags/badges and nearby electronic CTF challenges, but not an electronic attendee badge.

The entry separates identity-badge materials from CTF electronics so the record does not invent a PCB credential.

CHCon 2019 about and sponsorship pages.

identity-artifact classification · official source · documented

The official Kiwicon 7 source proves event badge assembly and pickup context, but not an electronic attendee badge.

The entry is modeled as a Kiwicon identity artifact so New Zealand coverage expands without inventing PCB, firmware, display, radio, NFC, or CTF behavior.

Kiwicon 7 home/news and about pages.

identity-artifact classification · official source · documented

The official Kiwicon 9 source proves a visible venue badge credential, but not an electronic attendee badge.

The entry is modeled as a Kiwicon identity artifact so New Zealand coverage expands without inventing PCB, firmware, display, radio, NFC, or CTF behavior.

Kiwicon 9 home/news and HQ pages.

identity-artifact classification · official source · documented

The official Kiwicon 2038 source trail proves a badge and lanyard credential but not a public electronic attendee badge.

The entry is intentionally modeled as a conference identity artifact so New Zealand coverage expands without inventing hardware, firmware, RF, CTF, or PCB claims.

Kiwicon 2038AD home/news page and FAQ.

identity-artifact classification · official source · documented

The official Kawaiicon badge page proves a physical conference badge made from seed paper but does not support electronic hardware, firmware, display, RF, or CTF claims for the credential.

The record keeps the Kawaiicon badge as a material identity artifact rather than upgrading it into a PCB badge without evidence.

Kawaiicon badges page, FAQ, and about page.

identity-artifact classification · official source · documented

The official Purplecon diary proves a lanyard badge, but not an electronic attendee badge.

The entry is modeled as a glow-in-the-dark identity artifact and avoids unsupported PCB, firmware, display, radio, NFC, or CTF claims.

Purplecon 2018 diary and home page.

identity-artifact classification · official source but no technical archive · documented

The recovered public trail proves a conference badge and lanyard sponsor context plus visible volunteer-badge requirement, but it does not prove an electronic badge, PCB, firmware, badge challenge, component list, schematic, production count, or final artwork.

The catalogue models the 2018 item as a conference identity/admission artifact and avoids upgrading sponsor and volunteer evidence into unsupported electronics claims.

Nullcon Goa 2018 sponsors page, volunteer page, schedule, venue page, and archive.

identity-artifact classification · source-backed but narrow · documented

The CFP proves a speaker VIP badge benefit, but it does not prove a public attendee badge, electronic badge, PCB, firmware, challenge behavior, badge design, or production quantity.

The catalogue models the item as a narrow speaker identity artifact and avoids unsupported hardware claims.

NotPinkCon PaperCall CFP.

identity-artifact classification · primary writeups · documented

The sources prove a custom CR80 Hacker ID Card / reusable name-tag artifact and on-site card-printing workflow, but not a PCB, firmware project, badge challenge, or electronic conference badge.

The entry is modeled as an identity-card badge artifact and avoids unsupported electronics claims.

Security-Bits Hacker ID Card page, H2HC custom-card production post, and Need a New ID? follow-up.

identity-artifact classification · source-backed but incomplete · documented

The recovered sources prove a VIP special badge but do not prove electronic hardware, components, firmware, badge challenges, or attendee-wide issue.

The badge is classified conservatively as a VIP identity/swag artifact, not as an electronic conference badge.

8.8 Reloaded announcement coverage.

image-rights boundary · local project policy · needs licensed original replacement

No local Hackfest 2019 badge image is published because this pass did not pair any specific badge photo or official raster with reusable image rights, attribution, source URL, and processing notes.

The entry remains image-free rather than copying event media, Flickr photos, screenshots, social images, or generated placeholder art.

badge.gallery image policy, Hackfest history photo links, Hackfest 2019 schedule, and Hackfest CTF source trail.

large archive scope caveat · source-backed but compact · documented

The public 2019 repository includes a broad hardware, firmware, games, challenge, and utility tree; this catalogue entry summarizes the main surfaces rather than indexing every file.

The record is accurate at the badge level and leaves per-game or per-challenge archaeology for later expansion.

NorthSec 2019 badge repository tag.

limited availability · archived official challenge page · historical

The official challenge described a limited collector badge given out after solving an easy challenge, then used as the entry point to the harder Black Badge challenge.

This was not necessarily a universal attendee badge; the page models it as a collector/challenge object rather than a default registration badge.

Archived NDH 2014 badge challenge page.

lineage-behavior caveat · retrospective source only · documented as lineage context

Later sponsor-pack material says past BSides Perth electronic badges displayed sponsor messages, schedules, and CTF challenges, but the recovered source does not identify which exact year carried each feature.

The 2018 entry cites this only as broader Perth lineage context and does not treat it as direct 2018 behavior proof.

BSides Perth 2021 sponsor-pack transcript.

main-badge evidence boundary · source-limited audit · not promoted

The main official DEF CON 12 badge remains source-limited in this pass; reviewed official event and media-archive sources support event context but do not yet provide enough artifact-level evidence for a separate official-badge record.

The catalogue avoids inventing material, role, visual, puzzle, or electronic claims for the official DEF CON 12 badge until stronger public sources are recovered.

DEF CON 12 official event page, media archive, InfoconDB event metadata, and forum-badge thread.

missing rights-cleared image · local project policy · needs licensed original replacement

No BSidesLisbon 2025 badge image is published because the recovered official pages, sponsor logos, ticketing graphics, and event media do not provide a specific badge photo or official raster with reusable license or explicit permission, attribution, source URL, and processing provenance.

The Portugal record remains source-backed and image-free rather than copying sponsor logos, event-page media, ticketing screenshots, or generated badge art.

badge.gallery image policy, BSidesLisbon 2025 about page, sponsors page, CTF page, and Eventbrite listing.

missing rights-cleared image · local project policy · needs licensed original replacement

No h-c0n 2026 CTF BADge image is published because the official blog media, Hackplayers recap media, and repository photos have not been paired with complete reusable image rights, attribution, source URL, and processing provenance for catalogue publication.

The Spanish h-c0n record remains source-backed and image-free rather than copying blog images, repository photos, prize photos, screenshots, logos, or generated badge art.

badge.gallery image policy, h-c0n CTF BADge post, Hackplayers post-event write-up, and therealdreg/hcon2026hwctf repository.

missing rights-cleared image · local project policy · needs licensed original replacement

The hardware repository and writeups include real badge imagery, but no image is promoted because this pass did not recover a complete reusable image license, attribution basis, and processing provenance for catalogue publication.

The Singapore record remains source-backed and image-free rather than copying repository photos, sponsor artwork, or blog images without complete image rights.

badge.gallery image policy, irq5.io writeups, and jellyjellyrobot/neander repository.

missing rights-cleared image · local project policy plus repository license check · needs licensed original replacement

No GreyBadge image is published because the repository artwork, README/media, and schematic-embedded images have not been paired with an explicit reusable image license, attribution basis, and processing provenance for badge.gallery publication.

The Singapore record remains source-backed and image-free rather than copying repository artwork, social media, slides, screenshots, or generated badge art.

badge.gallery image policy, NUSGreyhats/greybadge25 repository, and 2026-05-21 GitHub API license recheck.

missing rights-cleared image · local project policy · needs licensed original replacement

No local DEF CON 28 cassette-badge photo has been added because article and writeup images have not been paired with a complete reuse basis, attribution string, and processing record for this catalogue.

The entry remains image-free rather than copying Hackaday or personal writeup photography without provenance.

badge.gallery image policy, Hackaday article images, and independent challenge-writeup images.

missing rights-cleared image · local project policy · needs licensed original replacement

No local DEF CON 30 musical-badge photo has been added because article, forum, GitHub, and writeup images have not been paired with a complete reuse basis, attribution string, and processing record for this catalogue.

The entry remains image-free rather than copying attendee, press, forum, or GitHub-hosted challenge photography without provenance.

badge.gallery image policy, DEF CON forum images, FaultPoint images, Red Balloon Security images, and challenge-writeup assets.

missing rights-cleared image · local project policy · needs licensed original replacement

No BSides Tampa 2026 badge, lanyard, or Uber Badge image is published because official site images and event media have not been paired with explicit reusable image rights, attribution, source URL, and processing provenance.

The entry remains image-free rather than using event-page graphics, screenshots, social-media photos, generated imagery, or placeholders.

badge.gallery image policy and reviewed BSides Tampa 2026 official pages.

missing rights-cleared image · local project policy · needs licensed original replacement

No BSidesSF 2024 Hardware Challenge Village badge image is published because no source paired the badge media with reusable image rights, attribution, and processing provenance.

The record remains source-backed and image-free rather than copying event-page graphics, sponsor avatars, social photos, or screenshots.

badge.gallery image policy and BSidesSF 2024 Sched archive.

missing rights-cleared image · local project policy · needs licensed original replacement

No BSidesSF 2025 Hardware Challenge Village badge image is published because no public source recovered in this pass provided complete reusable image rights, attribution, source URL, and processing notes.

The record remains image-free rather than publishing uncleared or synthetic visuals.

badge.gallery image policy and BSidesSF 2025 Sched archive.

missing rights-cleared image · local project policy · open

No Flux Decoder image is published because the repository has no top-level license and the live SEC site is all-rights-reserved; board-cache images and page artwork are not copied without complete reuse provenance.

The record remains source-backed and image-free rather than publishing generated, placeholder, screenshot, repository-cache, or uncleared page imagery.

badge.gallery image policy, Social Engineering Community site footer, and FluxDecoder repository license probe.

missing rights-cleared image · local project policy · needs licensed original replacement

No local HITBSecConf2024 Bangkok SaikoCTF badge image has been added because the official sources have not been paired with reusable image rights, attribution, and processing notes for publication.

The entry remains source-backed and image-free rather than copying PDF imagery, event imagery, screenshots, social-media photos, or generated placeholder art.

badge.gallery image policy, HITB Bangkok SaikoCTF page, and HITB recruitment statement.

missing rights-cleared image · local project policy · needs licensed original replacement

No local BSides Adelaide 2025 badge image is published because public project photos and attendee-writeup images have not been cleared with exact reuse rights, attribution, and processing notes.

The entry remains text-and-source only until a licensed original photo or upstream raster render is selected and documented.

badge.gallery image policy, Hackerware Wombat-2 page, Hackster writeup, and semaja2 attendee writeup.

missing rights-cleared image · local project policy · needs licensed original replacement

No CHCon 2018 badge or challenge image is published because no reusable original photo with source URL, license, attribution, and processing notes has been recovered.

The record remains source-backed and image-free rather than copying event imagery, sponsor logos, social photos, or generated badge art.

badge.gallery image policy and CHCon 2018 source trail.

missing rights-cleared image · local project policy · needs licensed original replacement

No Kiwicon 2038 training badge image is published because no reusable original photo with complete source URL, license, attribution, and processing notes has been recovered.

The training-badge record remains source-backed and image-free rather than copying event imagery or using generated art.

badge.gallery image policy and Kiwicon training page.

missing rights-cleared image · local project policy · needs licensed original replacement

No Kākācon 2021 sticker image is published because the recovered page images have not been paired with explicit reuse rights, attribution, and processing notes.

The record remains source-backed and image-free rather than copying blog or art-page images without complete provenance.

badge.gallery image policy, Kākācon art page, and 2021 walkthrough.

missing rights-cleared image · local project policy · needs licensed original replacement

No Kākācon 2022 sticker image is published because the recovered page images have not been paired with explicit reuse rights, attribution, and processing notes.

The record remains source-backed and image-free rather than copying blog or art-page images without complete provenance.

badge.gallery image policy, Kākācon art page, and 2022 walkthrough.

missing rights-cleared image · local project policy · needs licensed original replacement

No local SINCON 2023 badge photo has been added because the recovered Hackster article images have not been paired with explicit image reuse rights, attribution, and processing notes for catalogue publication.

The Singapore entry remains source-backed and image-free rather than copying project photos without a complete image provenance record.

badge.gallery image policy and Hackster.io badge writeup.

missing rights-cleared image · local project policy · needs licensed original replacement

No local H2HC 2023 Game Boy badge image has been added because the public writeup images are not paired with explicit reusable image rights, attribution, and processing provenance.

The record stays source-backed and image-free rather than copying blog photos or using generated cartridge art.

badge.gallery image policy and Security-Bits H2HC 2023 Game Boy source page.

missing rights-cleared image · local project policy · needs licensed original replacement

No local BSides Cape Town 2017 badge image has been added because the public writeup photos have not been paired with an explicit reuse license, attribution, and processing notes for catalogue publication.

The record stays image-free rather than copying SensePost or blog imagery without complete provenance.

badge.gallery image policy and BSidesCPT17 RFCat challenge writeup.

missing rights-cleared image · local project policy · needs licensed original replacement

No Security Fest 2018 Challenge Badge image is published because the current public source trail has not been paired with a reusable original badge or artifact photo or official upstream raster render with source URL, license or permission basis, attribution, and processing notes.

The Sweden record remains source-backed and image-free rather than copying source-page media, documentation screenshots, event photos, social media, placeholders, or generated approximations.

badge.gallery image policy and Security Fest 2018 badge source trail.

missing rights-cleared image · local project policy · needs licensed original replacement

No NoNameCon 2019 NoNameBadge image is published because the current public source trail has not been paired with a reusable original badge or artifact photo or official upstream raster render with source URL, license or permission basis, attribution, and processing notes.

The Ukraine record remains source-backed and image-free rather than copying source-page media, documentation screenshots, event photos, social media, placeholders, or generated approximations.

badge.gallery image policy and NoNameCon 2019 ticketing, TechMaker making-of, firmware, and CTF source trail.

missing rights-cleared image · local project policy · needs licensed original replacement

No NoNameCon 2020 Air Quality Badge image is published because the current public source trail has not been paired with a reusable original badge or artifact photo or official upstream raster render with source URL, license or permission basis, attribution, and processing notes.

The Ukraine record remains source-backed and image-free rather than copying source-page media, documentation screenshots, event photos, social media, placeholders, or generated approximations.

badge.gallery image policy and NoNameCon 2020 DOU event listing, TechMaker badge writeup, firmware, and CTF source trail.

missing rights-cleared image · local project policy · needs licensed original replacement

No Car Hacking Village DC32 Main Badge image is published because the current public source trail has not been paired with a reusable original badge or artifact photo or official upstream raster render with source URL, license or permission basis, attribution, and processing notes.

The United States record remains source-backed and image-free rather than copying source-page media, documentation screenshots, event photos, social media, placeholders, or generated approximations.

badge.gallery image policy and Car Hacking Village DEF CON 32 official page, public CHV repositories, CTF challenge archive, SAO specification, and IOActive key-fob badge build series.

missing rights-cleared image · local project policy · needs licensed original replacement

No Wild West Hackin' Fest Deadwood 2025 E-Badge image is published because the current public source trail has not been paired with a reusable original badge or artifact photo or official upstream raster render with source URL, license or permission basis, attribution, and processing notes.

The United States record remains source-backed and image-free rather than copying source-page media, documentation screenshots, event photos, social media, placeholders, or generated approximations.

badge.gallery image policy and Wild West Hackin' Fest Deadwood 2025 official event page, official e-badge page, Meta CTF badge challenge link, and AlrikRr post-event badge-hacking writeup.

missing rights-cleared image · local project policy · needs licensed original replacement

No Hackfest 2019 Electronic Badge image is published because the current public source trail has not been paired with a reusable original badge or artifact photo or official upstream raster render with source URL, license or permission basis, attribution, and processing notes.

The Canada record remains source-backed and image-free rather than copying source-page media, documentation screenshots, event photos, social media, placeholders, or generated approximations.

badge.gallery image policy and Hackfest official history, Hackfest 2019 schedule, and Hackfest CTF 2019 page.

missing rights-cleared image · local project policy · needs licensed original replacement

No ToorCamp 2024 Shadybucks Wristband image is published because the current public source trail has not been paired with a reusable original badge or artifact photo or official upstream raster render with source URL, license or permission basis, attribution, and processing notes.

The United States record remains source-backed and image-free rather than copying source-page media, documentation screenshots, event photos, social media, placeholders, or generated approximations.

badge.gallery image policy and ToorCamp 2024 Shadybucks, Shady Tag, and Euphoria CTF wiki source trail.

mixed-source classification · primary plus first-hand secondary · documented

Hardware-source context comes from the official nsec-badge repository, firmware/build details come from the official badge-conf-2023 repository, controller-screen challenge behavior comes from the official nsec-badge-controller-screen repository, and detailed EEPROM/badge-chain protocol behavior comes from a first-hand attendee technical writeup.

Claims are kept specific to what each source proves, and the record does not overstate official documentation beyond the public repositories and first-hand writeup.

NorthSec 2023 README, badge-conf-2023 README, nsec-badge-controller-screen README, and idk.bz conference-badge writeup.

no-firmware classification · official badge page · documented

The official about page says the badge kept things old school with no microcontrollers, using a 555 timer and 4017 counter instead.

The catalogue models the badge as analog electronic hardware and does not infer firmware or software challenges.

Kernelcon 2024 badge about page.

non-electronic scope · source-backed classification · documented

DEF CON 13 is modeled as a non-electronic human identity badge because the public source trail proves a physical badge but places DEF CON's first electronic badge at DEF CON 14 in 2006.

The compendium preserves the pre-electronic artifact without inventing LEDs, firmware, microcontrollers, or a badge challenge for 2005.

Wikimedia Commons DC13 Badge photo, DEF CON 13 forum announcement, VICE/Motherboard badgelife history, and Grand Idea Studio DEF CON 14 materials.

non-electronic scope · primary program and forum sources · documented

DEF CON 19's standard badge is modeled as a non-electronic titanium identity and puzzle artifact because official sources explicitly say the year moved away from electronic badges.

The catalogue avoids MCU, firmware, LED, battery, and circuit claims for 2011 while still preserving the badge's physical fabrication and puzzle significance.

DEF CON 19 program and LosT's DEF CON forum repost.

non-electronic scope · source-backed · documented

DEF CON 21's standard badges were intentionally described as non-electronic-electronic rather than powered electronic gadgets.

The compendium models the badge as a PCB identity and puzzle artifact and avoids firmware, MCU, LED, or battery claims for the standard badge.

Hackaday DEF CON 21 report and WIRED badge reveal.

non-electronic scope · official registration sources · documented

The public source trail proves a badge-required admission model and badge pickup workflow, but does not prove an electronic PCB badge, firmware, schematic, challenge circuit, or hardware badge repository.

The catalogue preserves the major BSides Las Vegas badge lineage as an identity/access artifact without inventing electronics.

BSides Las Vegas 2019 Join Us and Registration FAQ pages.

non-electronic scope · source-backed but incomplete · documented

The recovered official sources prove an attendee badge/lanyard and a badge challenge, but do not prove electronics, firmware, batteries, PCB traces, displays, radios, NFC, or a public hardware repository.

The catalogue records the badge challenge and physical identity artifact without inventing hardware.

BSides Tampa attendee FAQ and badge-challenge page.

official-source caveat · builder-log backed · needs deeper archive recovery

The badge record relies on a public builder log that frames the work as an official-badge request, but this pass did not recover an official ToorCon badge guide, repository, schematic set, or firmware archive.

The catalogue keeps the official-badge wording tied to the cited log and avoids claiming complete production ownership, final challenge rules, or released design files.

Hackaday.io Official Toorcon Badge? log and InfoconDB event metadata.

online-edition distribution caveat · event listing and badge-team source · documented with limits

The event listing presents NoNameCon 2020 as online and the TechMaker article says some CTF tasks were reworked because of COVID social distancing and the absence of the offline part of the conference.

The record documents a real badge platform but avoids claiming ordinary on-site pickup, universal in-person attendee distribution, or full offline village behavior.

DOU NoNameCon 2020 listing and TechMaker NoNameBadge 2020 article.

partial-competition archive · repository README and source · partial archive

The badge competition is documented as a partial RubberDucky 2.0 interpreter in the code, not as a complete public challenge archive with rules, released solve, or prize outcome.

The record preserves the competition hook without overstating the completeness of the recovered challenge material.

LayerOne2023 README badge competition note and `keyboard.c` partial parser.

parts/reward expectation friction · closing talk reaction and field report · historical

The closing talk includes attendee reaction about buying a ticket yet not receiving parts, while Rabbit Radio describes challenge progress unlocking more parts for the badge.

The RCA build-up mechanic was part of the fun, but also created expectations around badge parts and prize/reward availability.

Rabbit Chaos Adventure closing talk and Rabbit Radio report.

party-pager classification · repository description and firmware evidence · documented

The public source trail describes SMART Response XE-based pagers for the 503 Party 2019, not an official DEF CON admission badge or a BSidesPDX conference credential.

The catalogue models 5ohBEE as a DC503 party pager and game artifact while keeping official conference badge lineages separate.

pdxbadgers/5ohBEE-2019 repository metadata, README, and firmware sketches.

physical-artifact caveat · source-backed but incomplete · needs deeper artifact inventory

Public sources document the non-electronic lens/layer concept, clue trail, badge-making talk, and black-badge collaborator note, but this pass does not inventory every physical lens, badge type, printed layer, clue, or final challenge solution.

The catalogue records verified badge lineage and interaction surfaces while leaving full artifact photography and challenge reconstruction for a later pass.

Mar Williams Art announcement, DEF CON creator-talk page, and DEF CON media-server badge directory.

planned badge caveat · official pre-event sources · pre-event

The DEF CON 34 record is seeded before the event from official preregistration and SAO specification sources.

The catalogue can document the planned Human badge and public electronic interface constraints now, but it must not claim final shipped artwork, firmware, badge-game rules, manufacturing quantities, or all attendee-role variants until post-event sources appear.

DEF CON homepage, DEF CON 34 official shop page, and DC34 SAO spec PDF.

planned identity artifact · primary pre-event source · pre-event

The source proves a planned official lanyard plus badge, but not a shipped artifact, electronic badge, firmware, or badge challenge.

The compendium can list the public pre-event identity artifact while avoiding unsupported hardware claims.

UnknownCon 2026 event page and sponsor deck.

planned pre-event badge · official source · planned not shipped

The record is based on public pre-event prospectus and ticketing sources and should not be read as proof that the badge has shipped or that its final hardware design is fixed.

The catalogue can track the announced electronic badge line while avoiding shipped-hardware, firmware, challenge, or production claims until post-event evidence appears.

BSides Brisbane 2026 prospectus, official pages, and Humanitix ticketing.

planned/pre-event identity-artifact classification · primary source · awaiting post-event evidence

The 2026 Adelaide record is based on pre-event CFP and sponsor-brief evidence for printing, lanyards, and badges, not a completed or distributed badge.

The catalogue can track the planned attendee badge/lanyard surface without claiming finished artwork, production, electronics, challenge behavior, or shipped distribution.

BSides Adelaide 2026 CFP and sponsor brief.

planned/pre-event identity-artifact classification · primary source · awaiting post-event evidence

The 2026 Perth record is based on official pre-event participant-ticket copy proving a planned conference-swag badge, not a delivered or technically documented badge.

The catalogue can track the upcoming Perth badge without claiming final manufacturing, distribution, electronics, or challenge behavior.

BSides Perth 2026 event page.

post-assembly challenge soldering · badge guide · historical

The CTF LED path required desoldering capacitors C1 and C2, replacing them with 22 pF capacitors, and soldering SMD LEDs and resistors at specific locations.

The badge intentionally blurs software play with hands-on hardware rework; the compendium tracks that as a lifecycle/challenge caveat.

Hackerware Security Fest Piano CTF Badge guide.

post-event source gap · official and post-event source wording · documented; monitor deeper archive

The official post intentionally withheld rear-side component details before attendees received the badge, and the later public trail improves the creator, firmware, tooling, and winner-write-up record without exposing board files, schematics, BOM, production files, final quantity, or full component identity.

The catalogue records only the official development-board, Hackplayers recap, and repository-backed RP2350/RISC-V challenge claims while withholding exact board-design and manufacturing claims.

h-c0n CTF BADge announcement, Hackplayers post-event write-up, and hcon2026hwctf repository.

pre-event badge caveat · official ticket source · needs post-event confirmation

The current public evidence is pre-event ticket text, so this record does not claim final shipped hardware, final firmware, attendee delivery, or post-event challenge behavior.

The catalogue can preserve the limited PCB badge announcement while keeping final distribution and field behavior open for a post-event source pass.

SECCON official ticket page and event pages, checked 2026-05-21.

pre-event badge caveat · official page but future event · planned

The BSidesTLV 2026 record is seeded before the June 25, 2026 event because the official Hardware Village page already documents an electronic-badge-centered hardware CTF and badge sessions.

The record should not claim shipped hardware, final challenge behavior, attendee distribution scope, or post-event outcomes until the event happens and artifact-level sources appear.

BSidesTLV 2026 Hardware Village page.

pre-event coverage · current public event page · incomplete current record

Final hardware, firmware, photos, author credits, delivery status, and CTF/badge integration details are not public in the current source set.

The compendium can track the announced badge and challenge without inventing components, delivery outcomes, controversy, or authorship before the event ships.

RomHack 2026 event page and RomHack Camp CTF page.

pre-event status · official badge and event pages · planned

The record is seeded before the May 25-26, 2026 event from official badge and event pages, so shipped quantities, final firmware, attendee distribution, and challenge behavior remain pending.

The catalogue treats the badge as planned/pre-event and should be refreshed after the conference.

ConfiBadge 2026 page, hardware page, CONFidence FAQ, PROIDEA event page, and official rules PDF.

primary technical archive gap · credible secondary source but incomplete primary archive · needs official schematic or firmware recovery

The recovered source trail documents a NodeMCU ESP8266 handmade badge and badge-hack contest, but this pass did not recover an official 2018 schematic, PCB, BOM, firmware repository, or direct organizer badge writeup.

The record keeps component claims to the published NodeMCU ESP8266 detail and avoids assigning unverified display, battery, schedule, or CTF features.

Australian Cyber Security Magazine 2018 report and BSides Perth 2021 sponsor-pack retrospective.

privacy and sensor caveat · official research statement · documented

The study context involved VR goggles, physiological sensors, questionnaires, challenge activity, and researcher check-ins, with the recruitment statement explaining data collection and participant procedures.

The badge dossier preserves the research-study context while avoiding unrelated claims about public badge behavior, firmware, or attendee monitoring outside SaikoCTF participation.

HITB Recruitment statement.

public-demo firmware boundary · source-backed but scoped · documented

The public repository is a cleaned-up demo firmware collection with examples and removed event-specific/proprietary material, while the Hackaday.io project describes a richer original badge firmware with menus, audio games, visual effects, timers, hidden screens, and challenge hooks.

The software description separates the recovered demo archive from the full shipped event firmware so the record does not overstate public source completeness.

Hackaday.io THOTCON 0xD project and `thotcon-examples` README.

public-source scope caveat · source-backed but compact · documented

The repository documents hardware and firmware targets, but this pass does not enumerate every CTF firmware behavior, add-on program, or produced attendee-board variant.

The catalogue records verified badge surfaces and leaves deeper event-specific artifact inventory for future work.

NorthSec 2024 badge README and repository tree.

remaining hardware caveat · source-backed but intentionally narrow · BOM and production notes recovered; still needs shipped-count and image provenance

Recovered official sources now include the PCB Badge guide, public technical repository, production BOM, production notes, firmware, PCB files, base-station/backend/game/web/software trees, hardware revision notes, timer/DMA details, menu-flow notes, and BadUSB protocol notes, but this pass still does not assert a shipped count or rights-cleared badge image.

The dossier records the verified interaction, production, and technical-archive surface while avoiding unsupported production-scale and image-provenance claims.

HITCON 2025 PCB Badge guide, HITCON agenda page, john0312/hitcon-pcb-badge repository, JLCPCB BOM, and production notes.

remote-edition context · official source · documented

NorthSec's official past-editions page describes 2021 as a lockdown/remote edition, so the catalogue avoids claiming ordinary in-person badge distribution logistics.

The record focuses on the public electronic badge, game flags, and development-board behavior rather than unsupported hallway-distribution details.

NorthSec past editions and 2021 badge page.

replay hardware boundary · repository documentation · documented

The repository says people replaying the CTF at home can flash a Raspberry Pi Pico 2, but boards different from the CTF PCB need an LED on GPIO 25 and one challenge may require a debug probe and cable.

The record distinguishes the conference CTF BADge from compatible at-home replay boards and preserves the hardware-debugging requirement without overstating universal compatibility.

therealdreg/hcon2026hwctf README.

repository archive gap · current source trail · needs post-event recovery

No final public firmware repository, schematic, PCB files, BOM, or manufacturing archive has been recovered in this pass, and the official contact page still lists GitHub as TBA.

Hardware claims stay limited to the official component list and pre-event pinout table, and software claims stay limited to the stated firmware and challenge goals.

ConfiBadge 2026 home, hardware, pinout, and contact pages.

repository license caveat · GitHub API recheck · no detected license

GitHub reported `license: null` for NUSGreyhats/greybadge25 during this pass, and no visible top-level LICENSE file was used as a reuse basis.

Repository files are cited as public evidence, but local reuse is limited: no repository images, artwork, hardware files, firmware, or slides are copied into the catalogue as licensed assets.

NUSGreyhats/greybadge25 GitHub API metadata and repository tree recheck.

repository license caveat · repository README · needs component-level review

The repository README says the project uses submodules with various licenses and instructs readers to check individual component licenses.

Firmware and hardware facts can be sourced from the repository, but code-reuse and asset-reuse claims should not be collapsed into one blanket license statement.

disobey-badge-2025-game-firmware README.

repository recovery gap · official source but unrecovered archive · needs deeper archive recovery

HITB stated that the badge hardware, software, and firmware were fully open sourced, but this pass did not recover a stable repository or downloadable source archive URL.

The dossier records the public hardware-spec and challenge surface while avoiding unsupported firmware, schematic, or implementation claims beyond the official page.

HITBSecConf2018 Amsterdam CommSec Village page.

repository recovery gap · official source but unrecovered archive · needs deeper archive recovery

HITB stated that the badge hardware, software, and firmware would be fully open sourced, but this pass did not recover a stable repository or downloadable source archive URL.

The dossier records the public hardware notes and challenge surface while avoiding unsupported firmware, schematic, exact-chip, or implementation claims beyond the official page.

JD-HITBSecConf2018 Beijing CommSec Village page.

repository scope caveat · primary repository plus official event sources · public hardware and firmware repository recovered

The Electronic Cats repository now proves badge components, firmware, commands, KiCad files, and the challenge flow, but this pass still does not verify final shipped-unit variations, attendee-specific provisioning, or rights-cleared documentary photos.

The dossier can use component-level and firmware claims from the repository while still keeping image and distribution details conservative.

ElectronicCats badge-dragonJar-2025 repository, DragonJARCON 2025 event page, and DragonJAR badge raffle page.

repository-license caveat · repository audit · documented

The public repository documents hardware and challenge behavior, but this pass did not recover a top-level license suitable for local image or code reuse assumptions.

The catalogue cites the repository as evidence while leaving images empty and avoiding license claims beyond the source text.

ZonkSec kernelcon-2019-badge repository.

repository-license caveat · repository audit · documented

The GitHub API reports no repository license for `secommunity/FluxDecoder` in this pass.

The catalogue cites the repository as evidence but does not assume reusable image, code, schematic, or PCB rendering rights beyond ordinary source citation.

GitHub repository metadata for secommunity/FluxDecoder.

repository-license caveat · GitHub metadata · documented for source only

GitHub reported no detected license for the DC32 main badge board, main badge firmware, CTF challenge, and CHV SAO specification repositories in this pass, while the separate Speedometer SAO firmware repository reports MIT.

The catalogue cites those repositories as source evidence but does not treat repository images, board renders, firmware, CTF material, or documentation as broadly reusable publication assets without explicit license coverage.

GitHub repository metadata for car-hacking-village/DC32_CHV_Badge_Board, DC32_CHV_Badge_Firmware, DC32_CTF_CHALLENGES, CHV_SAO_Specification, and DC32_CHV_Speedometer_Firmware.

research participant scope · official source but intentionally narrow · documented source limitation

The source trail proves an electronic SaikoCTF badge for research-study participants, not a universal HITBSecConf2024 admission credential or public attendee badge.

The record is modeled as a SaikoCTF participation badge so the catalogue does not overstate its distribution scope.

HITB SaikoCTF page and HITB Recruitment statement.

retrospective hardware caveat · official badge-team interview · documented

The 2014 preview discusses the 2013 badge retrospectively and notes that some 2013 badges lacked accelerometer hardware, so this record keeps input and game claims conservative.

The badge is modeled as a proven electronic badge while exact final per-attendee hardware capability remains caveated.

RVAs3c badge preview retrospective comments.

software-source caveat · badge-maker writeup · needs software archive recovery

The badge-maker writeup says the CactusCon crew planned a software-side writeup and hints at event wireless infrastructure, but this pass did not recover a public firmware repository, complete challenge source, or software architecture note.

The catalogue records verified hardware and firmware-access surfaces while avoiding unsupported claims about the badge's full event game or OTA backend.

Badge Pirates CactusCon 11 Badge writeup.

software-source caveat · repository tree inspection · needs final firmware recovery

The repository includes BasicCodeForQA, but this pass did not recover final event firmware, badge-game source, OTA service code, or challenge material.

The record keeps software claims limited to QA-code context and hardware-programming surfaces.

BadgePiratesLLC/CactusCon-12 CODE tree.

software-source caveat · repository tree inspection · needs firmware archive recovery

The CactusCon13 repository exposes CAD, outer-board, documentation, reference, and 3D-print material, but this pass did not recover standalone final firmware, event-game source, OTA service code, or challenge archive.

The catalogue records verified hardware/manufacturing evidence while avoiding unsupported claims about badge software behavior.

BadgePiratesLLC/CactusCon13 repository tree.

software-source caveat · repository tree inspection · needs firmware archive recovery

The GitHub repository description mentions firmware, but the visible public tree inspected in this pass primarily exposes hardware design, manufacturing, enclosure, BOM, schematic, and art outputs rather than standalone event firmware or challenge source.

The catalogue records the verified hardware archive while avoiding unsupported claims about badge applications, games, OTA behavior, or event infrastructure.

BadgePiratesLLC/CactusCon14 README and repository tree.

source depth · source-backed but compact · documented caveat

The public sources are strong for kit intent, BOM, assembly, Arduino workflow, Gerbers, KiCad files, and photos, but they do not provide a full event field report or attendee writeup for how the badge was used during the day.

The record keeps its claims to documented kit distribution, assembly, and sample-code behavior rather than inventing on-site gameplay or contest lore.

BSides PR 2019 badge docs, repository README, and Security BSides wiki page.

source-code and production gap · official event archive plus public badge docs · needs badge-team archive

The public documentation proves the kit contents, assembly path, flashing workflow, and Hackers Challenge registration behavior, but this pass did not recover a public schematic archive, PCB source, production count, complete Lua source tree, final firmware image mirror, or badge-team repository.

The record preserves verified public hardware and workflow facts without inventing unrecovered firmware internals, board-source details, or manufacturing data.

SAINTCON 2016 archive, venue map, badge assembly, upload-code, and registration documentation.

source-code archive gap · source-backed but incomplete · needs public firmware or schematic recovery

The recovered sources document hardware components, soldering, USB CTF interaction, and LED progress behavior, but this pass did not recover a public firmware, schematic, PCB, BOM, or gerber archive.

The dossier records the verified badge behavior while avoiding unsupported pinout, firmware, protocol, or source-release claims.

Hackster Wombat badge writeup, Hackerware badge page, and soldering tutorial PDF.

source-code archive gap · source-backed but incomplete · needs public firmware or schematic recovery

The recovered sources document components, onboard controls, CTF prompts, LED behavior, and a PCB-blueprint challenge, but this pass did not recover public firmware source, schematic, BOM, or final gerber archive suitable for component-level verification.

The record keeps the hardware and software claims to creator and attendee documentation instead of inferring a full implementation.

Hackerware Wombat-2 pages, Hackster project-owner writeup, and semaja2 attendee challenge writeup.

source-code archive gap · source-backed but incomplete · needs main-badge firmware or schematic recovery

The official event page documents the Underground badge's ESP32, screen, controls, badge-to-badge communication, SAO support, and CTF framing, and a maker writeup documents a WS2812B SAO board, but this pass did not recover public firmware, schematic, PCB, BOM, radio protocol, or production files for the main badge.

The record captures the public badge and add-on evidence while avoiding unsupported chip pinout, firmware, radio, protocol, or shipped-behavior claims.

BSides Ballarat 2026 event page, Ballarat Hackerspace reference, Eurekative reference, and dmoges SAO maker writeup.

source-code archive gap · source-backed but incomplete · needs public repository or schematic recovery

The designer writeup documents source-file names, firmware architecture, and implementation details, but the current source trail did not recover a reliable public firmware repository, schematic, board-file archive, or license statement.

The dossier can now describe the implemented firmware architecture from a primary source while still avoiding unsupported repository, schematic, image, or reuse-rights claims.

Sinclair Studios CHCon 2025 badge challenge writeup and Jeremy Stott technical writeup.

source-code archive gap · source-backed but incomplete · needs public firmware or schematic recovery

The recovered project-owner writeup documents hardware components and CTF behavior, but this pass did not recover a public firmware, schematic, PCB, or BOM archive for the SINCON badge.

The dossier records the observable hardware and serial CTF flow while avoiding unsupported repository or source-code claims.

Hackster.io Khong Guan Building CTF badge writeup.

source-code gap · official docs but incomplete source recovery · needs image/repository recovery

Official pages and the public manual document badge assembly, flashing, registration, and post-event conversion, but this pass did not recover a public source repository for the badge image, custom PCB design files, challenge daemons, or final production files.

The catalogue records the verified deployed badge and public manual without inventing unrecovered firmware internals or PCB-source details.

SAINTCON 2017 badge page and GitLab Pages badge manual.

source-depth caveat · repository, talk, wiki, field report, and participant reports · repository reviewed; firmware still not asserted

The repository review confirms schematics, Gerbers, LCSC parts exports, media, 3D-print files, NE556-related challenge material, and multi-board RCA structure, but this pass still does not claim a complete firmware architecture or full electrical BOM extraction.

The dossier is now specific about the public artifact package while still avoiding unsupported firmware and chip-level claims beyond what the repository and reports expose.

x70b1/eh21badge repository, Rabbit Chaos Adventure closing talk, Rabbit Radio, Easterhegg wiki, and participant reports.

source-depth caveat · detailed guide, mirror, and event archive · needs repository or team-page recovery

The badge guide and migrated mirror are strong for hacking workflow and credits, but no public design-file repository has been seeded yet for a full bill of materials or firmware-history record.

The dossier intentionally avoids unsupported MCU/module claims beyond the public USB UART, Omega shield, jumpers, CTF, and RF wiring notes.

Jump ESP, jump! badge guide, migrated mirror, and Hacktivity event archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove DEF CON 1 name-tag and paper role-badge artifacts but do not identify the badge designer, production process, complete role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-credential evidence and official registration context.

DEF CON 1 official announcement, official archive page, official picture index, media-server badge image, and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove visible DEF CON 2 rectangular printed chest credentials but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-credential evidence and event context.

DEF CON 2 official media-server event photos, official DEF CON archive page, official picture index, announcement, and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove visible DEF CON 3 colored rectangular waist credentials but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-credential evidence and event context.

DEF CON 3 official media-server event photos, official DEF CON archive page, official picture index, and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove visible DEF CON 4 rectangular chest credentials but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-credential evidence and event context.

DEF CON 4 official media-server event photos, official DEF CON archive page, and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove a visible DEF CON 5 hanging credential but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-credential evidence and event context.

DEF CON 5 official media-server event photo, official DEF CON archive page, and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove visible DEF CON 6 credentials but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-credential evidence and event context.

DEF CON 6 official media-server event photos, official DEF CON event page, and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove attendees wore DEF CON 8 lanyard credentials but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-credential evidence and event context.

DEF CON 8 official media-server event photos, official DEF CON event page, and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove attendees wore DEF CON 9 lanyard badges but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-badge evidence and event context.

DEF CON 9 official media-server event photos and scanned program archive.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove the physical badge artifact and corner-hole lore but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-badge evidence and official program context.

DEF CON 10 official program and media-server image listing.

source-depth caveat · source-backed but limited · needs deeper archive review

The current public sources prove the badge artifact and event context but do not identify the badge designer, production process, material, full role taxonomy, or any official puzzle layer.

The record limits claims to visible physical-badge evidence and official event context.

DEF CON 11 official program and media-server image listing.

source-depth caveat · primary source only · monitor for later releases

This pass found official BBV page evidence for the badge and CTF leg but no public repository, bill of materials, final challenge writeup, or rights-cleared documentary badge photo.

The record is intentionally compact and should be revisited if Bug Bounty Village publishes post-event technical material.

Bug Bounty Village BBV Badge 2025 and CTF 2025 pages.

source-depth caveat · source-backed but incomplete · needs deeper artifact inventory

The public sources prove the ESP32 audio badge, repository trail, and add-on connector, but this pass did not recover a complete final schematic, BOM, production package, firmware release tag, or attendee challenge archive.

The record keeps hardware and software statements tied to public evidence while avoiding unsupported production-scale and final-firmware claims.

LayerOne HHV archive, Hackaday event report, CharlieX repository, and mmca add-on log.

source-depth caveat · source-backed but incomplete · needs deeper artifact inventory

The public sources prove the ATtiny2313 main badge, repository source trail, and ESP32CAM/servo add-on context, but this pass did not recover a complete final schematic, BOM, production package, firmware release tag, or challenge solve archive.

The record keeps hardware, software, and add-on statements tied to public evidence while avoiding unsupported production-scale and final-firmware claims.

LayerOne HHV archive, Hackaday event report, and CharlieX layerOne2019 repository.

source-depth caveat · source-backed but incomplete · needs deeper artifact inventory

The repository preserves firmware, board and schematic files, host tooling, enclosure assets, and an interactive BOM, but this pass does not claim a complete production package, final assembly guide, attendee count, or challenge solve archive.

The record keeps hardware, USB, LED, and firmware statements tied to the recovered public repository while avoiding unsupported production-scale claims.

charlie-x/LayerOne2023 README, firmware sources, PCB files, OKBB host tool, and repository tree.

source-depth caveat · first-hand write-up plus secondary coverage · needs badge-team archive

The recovered public trail proves an Arduino-compatible badge, FTDI programming path, HHV assembly context, hidden challenge behavior, and blinky expansion board, but this pass did not recover an official 2014 archive page, schematic, BOM, PCB source, MCU identification, final firmware repository, production count, or complete build manual.

The record preserves verified badge behavior and named-source context without inventing unrecovered electronics, firmware internals, component values, or manufacturing details.

Josh Datko write-up, SparkFun repost, Hackaday coverage, and Cisco retrospective context.

source-depth caveat · official event metadata plus first-hand badge package write-up · needs badge-team archive

The official archive and metadata sources prove the virtual event context, and the first-hand DC540 write-up proves a shipped badge package, included MiniBadge, custom-MiniBadge coupon, and HC CTF badge context; this pass did not recover an official 2020 schematic, BOM, firmware archive, production count, or complete badge-team build notes.

The record treats SAINTCON 2020 as a conservative package-level badge entry instead of inventing unrecovered electronics, firmware behavior, or challenge mechanics.

SAINTCON 2020 archive, InfoconDB event entry, DC540 first-hand write-up, and MiniBadge standard README.

source-depth caveat · public repository and official talk source · needs final production archive

The official talk page and repository document the badge design, gameplay, hardware archive, and CircuitPython workflows, but this pass did not recover a final production count, shipped firmware release tag, manufacturing order, or rights-cleared field photo.

The record preserves the real BSidesPDX badge without overstating production logistics or publishing unclear media.

BSidesPDX speaker page, hardware README, Attribution Game badge guide, Trick-or-Treat README, and repository metadata.

source-depth caveat · first-hand attendee writeup · needs official badge archive recovery

The recovered source proves a paid badge package and observed Wi-Fi/Bluetooth scanner behavior, but this pass did not recover official badge-team documentation, schematics, BOM, firmware, production count, challenge material, or a source repository.

The catalogue records the real scanner badge while keeping technical claims limited to the public attendee writeup.

Ratil.life Hacking and Skydiving writeup.

source-depth caveat · source-backed but incomplete · needs deeper archive recovery

Rob Rehrig's first-hand writeup documents the 0xC badge theme, laser-tag behavior, enclosure, optics, and production decisions, but this pass did not recover a public schematic, Gerber set, BOM, firmware repository, binary archive, or full badge manual.

The catalogue records verified event, game, mechanical, and optical facts without claiming that the complete design archive is public.

Rob Rehrig THOTCON 0xC writeup, official THOTCON 0xC schedule, Fourfold work page, and InfoconDB event metadata.

source-depth caveat · official interview · documented

The public source documents behavior and production context through an interview rather than a full hardware repository or final attendee manual.

The record avoids claiming a recovered schematic, BOM, final firmware tree, or complete CTF source.

Hack.RVA: 2016 Badges interview.

source-depth caveat · source-backed but incomplete · needs source recovery

The Hackster project provides first-hand build notes, materials, and a firmware binary link, but this pass did not recover a dedicated public source repository with complete C source, schematic, Gerbers, PCB production outputs, or a formal hardware license.

The record keeps controller, LED, fabrication, and firmware claims tied to the first-hand project page and avoids unsupported protocol, challenge, and source-release claims.

Hackster DerbyCon Legacy Black Badge project and linked files.

source-depth caveat · single official agenda source · needs badge-team archive

The public source trail proves an AfricaHackOn 2018 electronic conference badge and making-of session, but does not expose the badge's component list, firmware, repository, schematics, board files, distribution model, or challenge behavior.

The record is intentionally narrow and should be expanded only if a badge-team writeup, slide deck, code release, or surviving-board documentation is recovered.

OPCDE Kenya agenda.

source-photo limitation · public writeup and image policy · needs licensed original replacement

The current build has not cleared a reusable original badge photo from the field writeup or repository.

The record remains source-backed for facts, while the catalogue withholds imagery until a licensed original photo is curated.

Project image provenance and Zeta-Two challenge-badge photo reference.

source-release gap · project logs but incomplete source recovery · needs artifact-level archive

The all-at-once log says Eagle files and software would be uploaded to GitHub, but this pass did not recover a complete public final repository, release package, board-production archive, or challenge/software bundle for the 2016 badge.

Hardware and software claims remain tied to the public HHV page and Hackaday.io logs instead of treating planned source publication as recovered source.

LayerOne 2016 All at once log and current source search.

sticker-badge classification · organizer walkthrough · documented

The Kākācon 2021 source trail proves a sticker-backed badge challenge, not an electronic badge.

The entry preserves the printed challenge artifact without inventing PCB hardware, firmware, RF, display, or battery behavior.

Kākācon art page and 2021 badge challenge walkthrough.

sticker-badge classification · organizer walkthrough · documented

The Kākācon 2022 source trail proves a sticker-backed badge challenge, not an electronic badge.

The entry preserves the printed challenge artifact without inventing PCB hardware, firmware, RF, display, or battery behavior.

Kākācon art page and 2022 badge challenge walkthrough.

student-competition scope caveat · official event page · documented

X-CTF was a student cybersecurity competition rather than a general public hacker conference, but the official event page and badge-maker sources document a real event-specific electronic badge and firmware challenge surface.

The record is included as a Singapore hacker-culture competition badge while keeping the event type explicit.

NUS Greyhats X-CTF page and irq5.io badge writeups.

summit/finals firmware boundary · public release trail and filesystem README · documented

The public repository has both finals and summit firmware assets. The badge record describes the shared GreyMecha/Army badge archive and challenge surfaces without claiming every final attendee image, provisioning step, or private competition backend was public.

Software claims stay limited to the recovered repository, filesystem README, and release assets.

greybadge25 README, RP2350 filesystem README, and GitHub releases page.

technical-source caveat · public repository archive · needs deeper production archive

The repository exposes Eagle CAD, firmware sketches, and 3D-print files, but this pass did not recover a final BOM, ordered assembly record, firmware release tag, complete user manual, or post-event challenge writeup.

Hardware and software claims remain limited to the public repository files and official talk description.

pdxbadgers/2018-banglet repository tree, sketches README, firmware, and 3D-print README.

technical-source caveat · official source but incomplete · needs artifact archive

The recovered official page proves an all-parts badge kit in the merch bundle, but no component list, schematic, PCB artwork, firmware, battery details, assembly guide, or challenge writeup was recovered.

The record stays narrow and does not invent electronics beyond the official badge-kit language.

CarolinaCon Online 2021 official page and schedule.

technical-source caveat · official source but incomplete · needs artifact archive

The recovered official pages prove a Conference PCB Badge and electronic-badge merch bundle, but do not publish component, firmware, schematic, BOM, battery, image-rights, or challenge-source detail.

The record preserves the artifact while avoiding unsupported claims about hardware design or firmware behavior.

CarolinaCon Online 2 home, about, and schedule pages.

technical-source caveat · official source plus attendee report but incomplete archive · needs badge-team archive

The official schedule proves a specially designed HCV badge and badge CTF contest, and a Veritas attendee report documents the screen, joystick, USB-C/battery power, and clue-exchange behavior, but no source recovered here publishes component identifiers, schematics, firmware, PCB files, production notes, or challenge source.

The catalogue can describe observed user-facing badge behavior while leaving schematic, firmware, and manufacturing details for a later badge-team archive.

BSidesSF 2024 Hardware Challenge Village schedule description and Veritas attendee report.

technical-source caveat · official source but incomplete · needs badge-team archive

The official schedule proves a badge designed specifically for the Hardware Challenge Village CTF, but does not publish component identifiers, schematics, firmware, PCB files, production notes, challenge source, or scoreboard archive.

The catalogue records the verified village badge and leaves hardware/software archaeology for a later source recovery pass.

BSidesSF 2025 Hardware Challenge Village schedule description.

technical-source caveat · public source archive · needs final production archive

The public PCB and firmware archives document the design files and ESP8266 badge behavior, but this pass did not recover BOM notes, assembly instructions, final flashed release tag, manufacturing order, workshop handout count, or post-event challenge results.

Hardware and firmware claims remain limited to the public repository files and official schedule wording.

pdxbadgers/pcb-2015, pdxbadgers/fw-2015 README, badger.ino, and BSidesPDX 2015 schedule.

technical-source caveat · public hardware and firmware archive · needs final production archive

The public repository exposes Eagle board, schematic, BOM, and an Arduino sketch, but this pass did not recover final Gerbers, assembly instructions, production photos, challenge docs, release tags, or a post-event firmware history.

Hardware and firmware claims remain limited to the public repository files plus event-context wording.

pdxbadgers/pcb-2016 BoM.csv, badge.sch, badge.brd, and badge.ino.

technical-source caveat · public hardware archive · needs firmware and production archive

The public repository exposes Eagle board, schematic, BOM, and library files, but this pass did not recover final firmware, challenge docs, production photos, Gerber release, or a talk transcript explaining intended badge behavior.

Hardware and software claims remain limited to the public repository files and official schedule/speaker wording.

pdxbadgers/pcb-2017, BSidesPDX 2017 schedule, and BSidesPDX 2017 speakers page.

technical-source caveat · public source archive · needs final production archive

The public repository exposes KiCad, BOM, LED mapping, and test firmware files, but this pass did not recover final firmware release notes, challenge docs, production photos, or a full talk transcript explaining intended gameplay.

Hardware and firmware claims remain limited to the public repository files and official schedule/speaker wording.

pdxbadgers/badge-2018, BSidesPDX 2018 schedule, and BSidesPDX 2018 speakers page.

technical-source caveat · public source archive · needs final production archive

The public repository exposes KiCad, BOM, and simple firmware files, but this pass did not recover assembly instructions, final firmware release notes, challenge docs, production photos, or talk notes explaining intended gameplay.

Hardware and firmware claims remain limited to the public repository files and official schedule wording.

pdxbadgers/badge-2019 and BSidesPDX 2019 schedule.

technical-source gap · source-backed but incomplete · needs artifact-level archive

The public trail recovered so far does not expose the badge schematic, PCB files, BOM, firmware, chip list, challenge binary, flashing workflow, or production quantity.

The catalogue limits the record to the electronic circuit badge, soldering light-up path, breadboard reuse, and hidden-secrets claims explicitly supported by recovered sources.

BSides Athens 2024 official site and recovered wrap-up PDF.

technical-source gap · source-backed but incomplete · needs artifact-level archive

The public source trail does not expose the badge schematic, PCB files, BOM, component list, firmware, power design, challenge code, or final assembly guide.

The catalogue describes only the participant badge, DIY soldering project, custom configuration, and named design credit supported by official sources.

BSides Tallinn 2022 official page and current BSides Tallinn archive.

technical-source gap · source-backed but incomplete · needs artifact-level archive

The recovered public trail proves an electronic PCB badge, multiple processors, two integrated systems, chip-based challenges, and nickname display, but does not expose schematics, PCB files, BOM, component identities, firmware, challenge binaries, protocol docs, or production files.

The catalogue keeps the record useful without inventing part numbers, exact processors, firmware behavior, or board-source availability.

BSides Prague official Sched page and Hung Ngo organizer retrospective.

technical-source gap · official source but incomplete · needs badge-team archive

The official badge page proves Patches, soldering tradition, customization, and Voodoo Heart continuity, but this pass did not recover a schematic, BOM, controller, firmware repository, badge guide, battery details, LED count, production count, or complete challenge archive.

The catalogue records the verified 2025 badge artifact and avoids inventing unsupported electronics or firmware behavior.

NolaCon badge page, talks archive, sponsor pack, and badge.gallery inclusion policy.

technical-source gap · official badge guide with limited hardware depth · needs deeper archive recovery

The official badge guide proves an ESP32-powered Cyberpunk Bunny portable CTF with accelerometer, crypto challenges, BLE co-op behavior, and hidden flag path, but no schematic, BOM, PCB files, firmware source, exact module revision, battery details, or production count were recovered.

The catalogue records verified badge behavior without inventing component-level electronics, source-release status, or shipped-hardware internals.

BSides San Diego Badge Challenge page.

technical-source gap · badge-maker production source with limited archive depth · needs schematic, BOM, firmware, and repository recovery

The public sources prove an ESP32 touchscreen badge batch with Wi-Fi, SD card slots, PCBWay assembly, and customs/tariff logistics, but this pass did not recover the schematic, BOM, Gerbers, firmware, challenge files, battery details, or full component placement record.

The catalogue records the verified badge platform and production run while avoiding unsupported firmware, challenge, and component claims.

Badge Pirates tariff and shipping updates.

technical-source gap · official source but incomplete · needs badge-team archive

The official source documents ATTINY85, SAO ports, programming connector parts, reprogrammability, and contest framing, but this pass did not recover a schematic, BOM, Gerbers, firmware repository, flashing guide, badge challenge source, or final production file archive.

Hardware and software claims remain limited to the official badge-page text and avoid unsupported electronics or firmware behavior.

BSidesROC 2019 badge page and public website-source repository.

technical-source gap · official source but incomplete · needs schematic, firmware, and repository recovery