CTF Meta

Web challenges are fun because they are the first step towards "hacking" something in the way they make it look like in the movie. Most of the time, the challenge provides a web address and port and the attacker has to figure out how to get a flag hidden somewhere on the server. The nice thing about WebEx challenges is that you can follow the same playbook every time that the professional pentesters do in order to ensure repeatable success in identifying what the flaw is... the hard part is actually exploiting the more complex flaws once you've identified the site is vulnerable to them.

It takes years of looking at websites and different web frameworks to learn what normal looks like and spot misconfigurations, but it is easy to start building your knowledge now.

Last modified: Thursday, 9 April 2020, 1:48 PM