This platform was emerged from yehg.net .

I developed it:

• To build a practice platform that emulates remarkably simple, yet mind-blowing timeless bug bounty findings ("Combats > Web War");
• To build a drill-based learning platform that educates risks stemmed from real-world incident media news ("Combats > CyberSec Drills")
• To build a simple interface to keep me posted of latest news and attacks ("RADAR").

Enjoy learning.
Myo Soe (aka Aung Khant)
Author of the platform

In case your internet facing systems are attacked from cybersecurity.wtf, x0x.cc and bugbounty.art, please email to report-abuse at yehg.net. We will investigate it.

Challenges are crafted, based on bounty write-ups, real-world case studies, and incident news, not based on brain-burning CTFs.

As of today, I have crafted 241 exercises to challenge your skillsets and thought process. Outdated challenges are removed from the platform in line with the current trend.

A lot of lab resources require you to set up which is mostly problematic and you end up troubleshooting to make it work.

Now what you see is the ready-to-practice challenge platform with no time-consuming set-up and coding by yourself.

Make the best of it and level up your skills to next level.

Challenges are aimed for a wider audience -
students or professionals on pentest and other cyber fields.

This platform was created to share selected sets of my hands-on fieldwork experience, for which I am proud and find greater meaning to contribute to the community. The techniques you learn can be put into practice.

Web has been everywhere from mobile app, digital signage to iOT. It has been growing and more and more feature-rich than before including recent HTTP2, WebSocket, WebAssembly.

In this challenge series, all challenges are based on real-world incidents and researches.

Majority of world most infamous incidents are stemmed from the root cause of insecure designs, business limitations, human ignorance, and failure to foresee the risks.

In this challenge domain, you will be bombarded with questions on features broken by hackers up to date.

Majority of challenges do not rely on particular technology stacks.

Challenges are developed in technology neutral way mainly to reflect human mistakes, insecure design, poor implementation practices and common weakness patterns propagated across majority of technologies.