All Challenges



Domains:
   

   

  • Xss Nowhere - 2
    Mission: Achieve script execution.
    Category: XSS/HTMLi: Univeral Browser Edition
    Domain: The Web War


  • Xss Under The Radar - 2
    Mission: Achieve script execution when submitting form.
    Category: XSS/HTMLi: Univeral Browser Edition
    Domain: The Web War


  • Blacklist Filter Bypass ("domain Name") - Negative Check | Variant 1
    Mission: Submit equivalence of yehg.net characters bypass filter.
    Category: BYPASSES IN INPUT RESTRICTION
    Domain: The Web War


  • Whitelist Filter Bypass ("url")
    Mission: Submit a product URL whose domain is not "yehg.net". In this challenge, you are allowe...
    Category: BYPASSES IN INPUT RESTRICTION
    Domain: The Web War


  • Your Profile Information | Variant 2
    Mission: Find out how your profile data can be stolen from a malicious third-party web site.
    Category: DATA IS GOLDEN
    Domain: The Web War


  • Dig Online
    Mission: Discover a vulnerability that can be attacked from a remote malicious host. Hint: Not SSRF. Not DOS.
    Category: THINK BEYOND
    Domain: The Web War


  • Tweets Display
    Mission: Discover a vulnerability that can be attacked from a remote host.
    Category: THINK BEYOND
    Domain: The Web War


  • Submit Url
    Mission: Discover a vulnerability that can be attacked from a remote malicious host.
    Category: THINK BEYOND
    Domain: The Web War


  • Bill Payment | Level 1
    Mission: Craft a CSRF exploit html page with modified payee account reference number 133-71337-1...
    Category: Exploitation Lab
    Domain: The Web War


  • Bill Payment | Level 2
    Mission: Craft a CSRF exploit html page with modified payee account reference number 133-71337-1...
    Category: Exploitation Lab
    Domain: The Web War