All Challenges



Domains:
   

       

  • Your Profile Information | Variant 4
    Mission: Find out how your profile data can be stolen from a malicious third-party web site.
    Category: Data Is Golden
    Domain: The Web War


  • Your Profile Information | Variant 5
    Mission: Find out how your profile data can be stolen from a malicious third-party web site.
    Category: Data Is Golden
    Domain: The Web War


  • Abusing Php Query String Parser | Variant 1
    Mission: Bypass WAF through automatic PHP variable renaming mechanism
    Category: Bypassing Web Application Firewall
    Domain: The Web War


  • Identifying Direct Ip Of The Target | Variant 5
    Mission: Provide the target server IP discovered through email raw body
    Category: Bypassing Web Application Firewall
    Domain: The Web War


  • Anti-csrf Bypass | Variant 3
    Mission: Prepare CSRF-POC.html and run it from your controlled web server.
    Category: Bypassing Anti-csrf Protection
    Domain: The Web War


  • Normalization To Rescue | Variant 1
    Mission: Bypass the most paranoid WAF blocking < with another form of <
    Category: Bypassing Web Application Firewall
    Domain: The Web War


  • Anti-csrf Bypass | Variant 4
    Mission: Bypass Anti-CSRF defense
    Category: Bypassing Anti-csrf Protection
    Domain: The Web War


  • Anti-csrf Bypass | Variant 5
    Mission: Bypass Anti-CSRF defense
    Category: Bypassing Anti-csrf Protection
    Domain: The Web War


  • Anti-csrf Bypass | Variant 6
    Mission: Bypass Anti-CSRF defense
    Category: Bypassing Anti-csrf Protection
    Domain: The Web War


  • Anti-csrf Bypass | Variant 7
    Mission: Bypass Anti-CSRF defense
    Category: Bypassing Anti-csrf Protection
    Domain: The Web War