Recent Challenges



Domains:
   

   

  • We Switched To Github Cloud | Variant 1
    Mission: Discover Secret Key from a subdomain disclosed via a Github code repository.
    Category: DATA IS GOLDEN
    Domain: The Web War


  • We Decommission This Server With Blank Index Page
    Mission: Discover Secret Key from a historical page disclosed via WayBack Machine (archive.org)  
    Category: DATA IS GOLDEN
    Domain: The Web War


  • Nobody Can Find Out Our Dev Server | Variant 1
    Mission: Discover API Key from developer server through sub-domain bruteforce
    Category: DATA IS GOLDEN
    Domain: The Web War


  • Blacklist Filter Bypass - No Private Ip Address Allowed | Variant 1
    Mission: Submit one of valid Private IP address to bypass filter.
    Category: BYPASSES IN INPUT RESTRICTION
    Domain: The Web War


  • Blacklist Filter Bypass ("ip Address") - Negative Check | Variant 1
    Mission: Submit a valid IP address to bypass filter.
    Category: BYPASSES IN INPUT RESTRICTION
    Domain: The Web War


  • Look For Suspicious File Or Process Names
    Mission: Defeat this well-established blue-team advice
    Category: Purple Team (Red-Blue) Tabletop
    Domain: Cybersecurity Drills


  • Perfect Spam Filter | Level 4
    Mission: Craft a payload that redirects to bl0g.yehg.net which is being blocked.
    Category: BYPASSES IN INPUT RESTRICTION
    Domain: The Web War


  • Perfect Spam Filter | Level 3
    Mission: Craft a payload that redirects to bl0g.yehg.net which is being blocked.
    Category: BYPASSES IN INPUT RESTRICTION
    Domain: The Web War


  • Perfect Spam Filter | Level 2
    Mission: Craft a payload that redirects to bl0g.yehg.net which is being blocked.
    Category: BYPASSES IN INPUT RESTRICTION
    Domain: The Web War


  • No Big Deal With Hardcoding
    Mission: Identify if there's anything wrong with this code.
    Category: Resilient Code
    Domain: Cybersecurity Drills