JUNE 25-27, 2026, İstinye University, Istanbul
2026 International Conference on Cybersecurity, Digital Forensics, and AI Applications (ICCSDFAI)
Hackathon
25-27 June, 2026
Project Proposal: AI-Generated Code Integrity Hackathon
1. Executive Summary
Project Title: Securing the Future: AI-Generated Code Vulnerability Challenge
Format: 100% Online / Remote
Target Audience: Computer Science Students, Researchers, and Cybersecurity Enthusiasts (Morocco & Uzbekistan).
2. The Challenge
With the rise of Large Language Models (LLMs), developers are increasingly using AI to generate code. However, AI often "hallucinates" or suggests outdated, insecure patterns.
This hackathon challenges participants to act as Security Auditors. They will be provided with educational materials and source code generated by AI that contain hidden security flaws (Common Weakness Enumeration - CWE).
3. Objectives
Identify: Detect security vulnerabilities in AI-generated modules.
Exploit (PoC): Demonstrate how these flaws can be exploited.
Remediate: Provide secure code versions and, more importantly, optimized prompts to force the AI to generate secure output.
4. Technical Domains & Scenarios
The competition will focus on three main pillars:
Web Security: SQL Injections and XSS in AI-generated Python (Flask/Django) or Node.js snippets.
System Integrity: Buffer overflows or memory leaks in C/C++ code generated for IoT/Embedded systems.
Logic Flaws: Insecure authentication flows or broken access control in business logic.
5. Remote Organization (The "How-To")
To bridge the distance between Casablanca and Uzbekistan, we will use a dedicated stack:
Communication: Discord server for real-time mentorship and "War Room" discussions.
Infrastructure: A GitHub Organization where each team has a private repository to push their findings.
Scoring: A CTFd (Capture The Flag) instance to track points in real-time.
Schedule Management: All activities will be synchronized using UTC to accommodate the 4-hour time difference.
6. Proposed Timeline (48h Format)
Day 1 (Morning): Kick-off Webinar – Presentation of the "Vulnerable AI Course" dataset.
Day 1 (Afternoon): Auditing Phase – Teams identify as many bugs as possible.
Day 2 (Morning): Exploitation & Prompt Engineering – Developing the "Safe Prompt" methodology.
Day 2 (Evening): Final Pitch & Closing Ceremony – Demonstration of the most creative fixes.
7. Expected Outcomes
A collaborative report on common security patterns in AI-generated code.
A "Secure Prompting Guide" for students.
Strengthening the academic and scientific partnership between our institutions.
1. Executive Summary
Project Title: Securing the Future: AI-Generated Code Vulnerability Challenge
Format: 100% Online / Remote
Target Audience: Computer Science Students, Researchers, and Cybersecurity Enthusiasts (Morocco & Uzbekistan).
2. The Challenge
With the rise of Large Language Models (LLMs), developers are increasingly using AI to generate code. However, AI often "hallucinates" or suggests outdated, insecure patterns.
This hackathon challenges participants to act as Security Auditors. They will be provided with educational materials and source code generated by AI that contain hidden security flaws (Common Weakness Enumeration - CWE).
3. Objectives
Identify: Detect security vulnerabilities in AI-generated modules.
Exploit (PoC): Demonstrate how these flaws can be exploited.
Remediate: Provide secure code versions and, more importantly, optimized prompts to force the AI to generate secure output.
4. Technical Domains & Scenarios
The competition will focus on three main pillars:
Web Security: SQL Injections and XSS in AI-generated Python (Flask/Django) or Node.js snippets.
System Integrity: Buffer overflows or memory leaks in C/C++ code generated for IoT/Embedded systems.
Logic Flaws: Insecure authentication flows or broken access control in business logic.
5. Remote Organization (The "How-To")
To bridge the distance between Casablanca and Uzbekistan, we will use a dedicated stack:
Communication: Discord server for real-time mentorship and "War Room" discussions.
Infrastructure: A GitHub Organization where each team has a private repository to push their findings.
Scoring: A CTFd (Capture The Flag) instance to track points in real-time.
Schedule Management: All activities will be synchronized using UTC to accommodate the 4-hour time difference.
6. Proposed Timeline (48h Format)
Day 1 (Morning): Kick-off Webinar – Presentation of the "Vulnerable AI Course" dataset.
Day 1 (Afternoon): Auditing Phase – Teams identify as many bugs as possible.
Day 2 (Morning): Exploitation & Prompt Engineering – Developing the "Safe Prompt" methodology.
Day 2 (Evening): Final Pitch & Closing Ceremony – Demonstration of the most creative fixes.
7. Expected Outcomes
A collaborative report on common security patterns in AI-generated code.
A "Secure Prompting Guide" for students.
Strengthening the academic and scientific partnership between our institutions.
