All Challenges



Domains:
   

       

  • Client-side Remote File Inclusion (crfi) | Variant 1
    Mission: Change the content of the target page and achieve script injection
    Category: Think Beyond
    Domain: The Web War


  • Slashes Xss | Variant 1
    Mission: Slash the Slashes with Polyglot XSS
    Category: Bypasses In Cross Site Scripting (xss)
    Domain: The Web War


  • Client-side Xss Prevention Bypass | Variant 2
    Mission: Achieve arbitrary script execution.
    Category: Bypasses In Cross Site Scripting (xss)
    Domain: The Web War


  • Unpurifying Purifier | Dompurify 2.0.0
    Mission: Achieve arbitrary script execution
    Category: Exploitation Lab
    Domain: The Web War


  • Working Around Content-security-policy Header | Variant 1
    Mission: Inject malicious HTML tag of your imagination
    Category: Exploitation Lab
    Domain: The Web War


  • Working Around Content-security-policy Header | Variant 2
    Mission: Inject malicious HTML tag of your imagination
    Category: Exploitation Lab
    Domain: The Web War


  • Working Around Content-security-policy Header | Variant 3
    Mission: Inject malicious HTML tag of your imagination
    Category: Exploitation Lab
    Domain: The Web War


  • Http Response Redirection Via Http Equiv Refresh
    Mission: Play with emerging open redirect payloads
    Category: Exploitation Lab
    Domain: The Web War


  • Http Response Redirection Via Header
    Mission: Play with emerging open redirect payloads
    Category: Exploitation Lab
    Domain: The Web War


  • Hidden Directory Contains A Gem
    Mission: Get an API key from a hidden directory
    Category: Osint/recon
    Domain: The Web War