Skip to content

Welcome to Santa's Castle


On December 2020, SANS hosted its popular Holiday Hack Challenge (HHC)! As Usual this year's challenge objectives did not disappoint, taking us from open S3 Buckets Discovery, making a stop by HID and CAN Bus tech, while also sledding down a hill of script analysis in JS and Python, and ultimately landing us, (that's right! you guessed it) at the blockchain.

Do not get discouraged by all the fancy words. SANS made each objective approachable and also accompanied some topics with very entertaining/short talks. Some talks include important clues to solve some of the challenges and you will find links to those talks as you read on!

This year's Holiday Hack Challenge takes place in Santa's renovated castle, where you will be taken through a fun/head-scratching thread hunting adventure. As elves start to grow with concern due to Santa's behavior and a flurry of system malfunctions across the castle, we are invited to help solve the mystery and find the source of the naughtiness.

Marie Get Started!


To get started, simply head over the HHC access page and setup an account. It is also a great idea to start by watching Ed Skoudis introduce the HHC before you start!. Ed does an amazing job at explaining the layout of the game and introducing you to in-game interactions. If you landed on this write-up just looking for an intro, start there and start hacking the castle!!

Although Ed also provides a variety of key tips in the intro video, I've put some of my own from the perspective of a player below.

Jean-Cloude Tips and Recommendations

The Holiday Hack Challenge presents us with a variety of tasks in the form of Objectives and Terminal Challenges. To complete these challenges we will need to interact with Elves located in different places of the Castle and collect a few items as we walk around it. The main goal of the challenge is to complete the main 12 objectives, but in order to do this, you will need to complete the terminal challenges to build knowledge and get additional hints to help you solve the main objectives.

Based on the layout of the HHC this year, the best way to start is to solve Objective 1, and then navigate the rest of the castle as you start discovering its different spaces. As you navigate the castle, it is a great idea to speak to every Elf you find and check out every terminal.



To change the settings below, just click the gear at the right corner of the screen:


  1. No one enjoys the tunes from HCC more than I do, but as you try to concentrate the music might get a bit loud. When you reach that point, I recommend turning it off.

  2. If you are starting to play the game during the Holiday season you might find a lot of other players in the game. By default all the avatars of other players are visible, but I found it easier to navigate the castle if I hid other players.


As you walk around the castle you will find very helpful Elves everywhere! In some cases they will ask for your help to solve terminal challenges but not without giving you some hints. Not only that, as a token of gratitude for your help, they will happily share some additional hints for you to complete the Challenge Objectives. These hints are key to solve the challenge objectives, always keep them in mind as you work to solve them!


If you are using this guide as a preparation to participate in next year's challenge, I encourage you to join the discord server provided by SANS for the event. You will not only find helpful tips as you work through the challenges, but you will also get the opportunity to work with a ton of Security and Non-Security people eager to learn and help others. It might not seem as important, but for me joining the Discord conversation is a key part of completing the full experience!