Recent Challenges



Domains:
   

       

  • Parameter Mining | Variant 4 (json Deserialisation)
    Mission: Discover a hidden parameter and retrieve admin's API Key.
    Category: Osint/recon
    Domain: The Web War


  • Force Json Error | Variant 1
    Mission: Force the application to trigger JSON errors.
    Category: Osint/recon
    Domain: The Web War


  • Parameter Mining | Variant 3
    Mission: Discover a hidden parameter and retrieve DB_PASSWORD.
    Category: Osint/recon
    Domain: The Web War


  • Clickjacking: Iframe Button Hijacking
    Mission: Make unintended purchase without user knowing
    Category: Exploitation Lab
    Domain: The Web War


  • Clickjacking: Iframe Data Stealing
    Mission: Steal data using phishing trick
    Category: Exploitation Lab
    Domain: The Web War


  • Working Around Subresource Integrity (sri) Hash Integrity Checker | Variant 1
    Mission: Execute additional script of your choice despite having SRI
    Category: Exploitation Lab
    Domain: The Web War


  • Parameter Mining | Variant 2
    Mission: Discover a hidden parameter and login as admin.
    Category: Osint/recon
    Domain: The Web War


  • Parameter Mining | Variant 1
    Mission: Discover hidden parameter, and grab a secret key of a cloud's service
    Category: Osint/recon
    Domain: The Web War


  • Never Let An Error Page Go Blindly
    Mission: Discover a cloud service's secret key 
    Category: Osint/recon
    Domain: The Web War


  • Hidden Directory Contains A Gem
    Mission: Get an API key from a hidden directory
    Category: Osint/recon
    Domain: The Web War