Challenges are crafted, based on fantastic bounty write-ups, real-world case studies, and incident news, not based on antique applications or brain-burning CTFs.

Redefine your learning experience through mission-driven approach not through reading thick books just to forget later.

Challenges are aimed for a wider audience - The Web War For penetration testers, Cybersecurity drills for cyber, app security, business cyber professionals.

When you move up to corporate ladder, we aim to make it still useful for you.

How many times have you been frustrated? When you try challenges and capture-the-flags out there, you are then only to learn that there are no solutions available.

Clear short-to-the-point solution write-ups are provided for every challenge with local mirrors of reference links.

The challenges do not rely on particular operating systems, or programming languages though we keep the current trend in mind.

We try our best to craft challenges in technology neutral ways. We present new technology if such weakness patterns propagate among majority of technologies.

Our challenges are carefully selected and designed with the focus on interesting patterns of insecure design and implementation practices.

Thus, the techniques you learnt can be put into practice after you get back to work. They would remain valid for years.

Extraordinary techniques are regularly shared at conferences, blogs, twitters, ebooks..etc. Yet, we do not have the platform to practise for internalizing those techniques.

Now what you see is the ready-to-practice challenge platform with no time-consuming set-up and coding by yourself.

Web has been everywhere from mobile app, digital signage to iOT. It has been growing and more and more feature-rich than before including recent HTTP2, WebSocket, WebAssembly. In this challenge series, all challenges are based on real-world incidents and researches.

Majority of world most infamous incidents are stemmed from the root cause of insecure designs and failure to foresee the risks. This challenge domain, you will be bombarded with questions on features broken by hackers up to date. This is designed to make you think through secure principles to avoid the weakness.

When it comes to organizations, our security performance is all traced back to organization processes, people, management, leadership as well. Soft skills are vital and built on top of technical skills. Without either one, we cannot save our organisations from holistic point of views.