A story-driven CTF built for BSidesDayton 2027's theme: Monitoring DC to Daylight. Five linked nodes follow one monitoring arc from strained DC telemetry through blackout, recovery, and full daylight visibility.
Each node is a chapter in the same incident: what instrumentation still shows under strain, how operations change when visibility collapses, how truth moves without the wire, what cold storage preserves, and how trust is rebuilt when daylight returns.
Challenge narratives align with the homepage grid. Work the sequence in order, or jump to a node when the platform opens individual chapters.
Shift change on the ops floor. Alerts are noisy but not yet fatal, with latency spikes, auth oddities, and dependency drift in the monitoring stack. Trace what instrumentation still reports while dashboards disagree and nobody has declared an incident. This chapter is recon under strain: what the DC plane still sees before the brownout.
The monitoring plane dims. Collectors miss windows, aggregations lie by omission, and the gap between slow and down collapses. Work from cached state, local probes, and whatever survived the brownout, while external validation is thinning fast.
Telemetry goes dark. Assumptions about live links, cloud dashboards, and real-time checks fail together. Reason from artifacts on disk, air-gapped notes, sneakernet, and side channels. The environment becomes part of the protocol.
Backups, snapshots, and retained logs surface in pieces. Recovery is reconstruction: retention windows, tooling choices, and timestamps decide what you can still prove and what stays ambiguous forever.
The stack breathes again. Re-establish identity and verification deliberately, using signatures, boundaries, and evidence chains, so the next baseline is not built on blind faith. Daylight means defensible trust.