This platform was emerged from yehg.net where one of my research was awarded Top #9 in World Top 10 Web Hacking Techniques.
I developed it:
Challenges are crafted, based on bounty write-ups, real-world case studies, and incident news, not based on brain-burning CTFs.
As of today, I have crafted 241 exercises to challenge your skillsets and thought process. Outdated challenges are removed from the platform in line with the current trend.
A lot of lab resources require you to set up which is mostly problematic and you end up troubleshooting to make it work.
Now what you see is the ready-to-practice challenge platform with no time-consuming set-up and coding by yourself.
Make the best of it and level up your skills to next level.
Challenges are aimed for a wider audience -
students or professionals on pentest and other cyber fields.
This platform was created to share selected sets of my hands-on fieldwork experience, for which I am proud and find greater meaning to contribute to the community. The techniques you learn can be put into practice.
Web has been everywhere from mobile app, digital signage to iOT. It has been growing and more and more feature-rich than before including recent HTTP2, WebSocket, WebAssembly.
In this challenge series, all challenges are based on real-world incidents and researches.
Majority of world most infamous incidents are stemmed from the root cause of insecure designs, business limitations, human ignorance, and failure to foresee the risks.
In this challenge domain, you will be bombarded with questions on features broken by hackers up to date.
Majority of challenges do not rely on particular technology stacks.
Challenges are developed in technology neutral way mainly to reflect human mistakes, insecure design, poor implementation practices and common weakness patterns propagated across majority of technologies.
