Challenges
31 challenges
Talk Back
A debug echo service echoes back whatever you send. But it's echoing more than it should... Your mission: Make the...
Buffer Runner
A data processing utility from 2005 was recently discovered still running in production. The developers claim it's...
Internal Affairs
A handy URL preview tool for checking links. But what happens when you look inward? Note: This challenge requires...
Other People's Stuff
A document management system where everyone has their own files. But are they really private? Credentials: guest /...
Where's My Page?
A knowledge base with a curious page loading mechanism. Can you read between the lines... or directories? Note: This...
Welcome Admin
SecureBank's new enterprise portal just went live. The developers assured management that the login system is rock...
Cookie Monster
Welcome to Cookie Monster, a deliciously insecure login system! The developers were in a hurry and implemented their...
Verification Required
A company employee reported seeing a strange "security verification" while browsing. Shortly after completing the...
Exfiltration
Our IDS flagged suspicious outbound traffic from a workstation. The security team believes data was being exfiltrated,...