Enter Your Flags
🎯 Vulnerability Reference
| # | Vulnerability | OWASP Category | Key Tools |
|---|---|---|---|
| #01 | SQL Injection — Login Bypass | A03:2021 Injection | sqlmap, Burp Suite |
| #02 | SQL Injection — Data Extraction | A03:2021 Injection | sqlmap --dump |
| #03 | Reflected XSS (URL Parameter) | A03:2021 Injection | Burp Suite, manual |
| #04 | Stored XSS (Feedback Form) | A03:2021 Injection | Burp Suite, BeEF |
| #05 | Directory Traversal | A01:2021 Access Control | curl, dotdotpwn |
| #06 | Broken Access Control (Admin) | A01:2021 Access Control | gobuster, manual |
| #07 | IDOR — Statement Download | A01:2021 Access Control | Burp Intruder |
| #08 | Sensitive Data / Source Recon | A02:2021 Cryptographic | DevTools, grep |
| #09 | CSRF — Static Token | A01:2021 Access Control | Burp CSRF PoC |
| #10 | Insecure Password Reset | A07:2021 Auth Failures | Burp Intruder, hydra |
Your Progress
Track captured flags & score
0
/ 100
Points
0 / 10 flags · 0%