Stay at 127.0.0.1. Wear a 255.255.255.0.
Write-up: Lockdown
Write-up: Injectics
Can you utilize your web pen-testing skills to safeguard the event from any injection attack?
Write-up: Whats Your Name?
Never click on links received from unknown sources. Can you capture the flags and get admin access to the web app?
This challenge will test client-side exploitation skills, from inspecting JavaScript to manipulating cookies to launching CSRF/XSS attacks.
Write-up: Biblioteca
Shhh. Be very very quiet, no shouting inside the biblioteca.
Write-up: Extract
The librarian rushed some final changes to the web application before heading off on holiday. In the process, they accidentally left sensitive information behind! Your challenge is to find and exploit the vulnerabilities in the application to extract these secrets.