Born at UC Santa Barbara in 2005 to play DEF CON CTF, Shellphish metamorphosed from a collective of hackademics into an idea. The idea lives in many heads, from the ancient brains that spawned it all the way to new, flexible gray matter of students generations removed. And yet, despite this range of hosts, it remains nimble, recognizable, and coherent. It worms its way underneath the foundations of modern technology, seeking to understand it deeply enough to make art from the cracks we find in the mantle. It pursues fundamental advancements in academic cybersecurity in one mind while another of its hosts shows off a cutting-edge exploit at an 0-day competition and a third keeps an eagle eye on the bingo card for the CTF of the weekend. In fact, if you are a hacker, it might even lurk behind your eyes, quietly dreaming its arcane dreams of cybersecurity.

In simpler times, Shellphish was tempered in the fires of the DARPA Cyber Grand Challenge. This taught us critical lessons in everything from friendship to software engineering, made us filthy rich when we won third place, and birthed the world’s first open-source Cyber Reasoning System, the Mechanical Phish. More importantly, like accidental byproducts of a particle accelerator, Shellphish’s wild ride through the Cyber Grand Challenge led to a plethora of open source contributions (such as the angr binary analysis engine), educational hacking material (including resources like how2heap, the reference for anyone interested in heap exploitation), and a litany of CTF flags.

Naturally, the AIxCC drew the collective interest of the entity. Faced with the next frontier of cyber autonomy, Shellphish has dreamed a new component into being: a Support Syndicate to make the cyber autonomy dream become a business reality. While the biological substrate of the Shellphish Support Syndicate rests in the skulls of students, faculty, and engineers at Arizona State University, UC Santa Barbara, and Purdue, the dream is global. Too long have the companies in the cybersecurity industry been, well, companies. There’s room for a new idea.

Why root for Shellphish? Root for the vision, root for the dream, root for a world of free software and AIs working for us rather than against us.

Success for us is simple—an open-source software system that can automatically find and patch vulnerabilities in software, thus leading to improved security for everyone.

Our approach to AIxCC is simple too—hack harder.