Skip to content


Quick Start

  • Login field/text input a central part of website? Two major possible options:

    * If a databse is involved, likely a SQL injection

    * If the input is used in the website, possible XSS vulnerability


Web challenges in CTF competitions usually involve the use of HTTP (or similar protocols) and technologies involved in information transfer and display over the internet like PHP, CMS's (e.g. Django), SQL, Javascript, and more. There are many tools used to access and interact with the web tasks, and choosing the right one is a major facet of the challenges. Although web browsers are the most common and well known way of interacting with the internet, tools like curl and nc allow for extra options and parameters to be passed and utilized.


Internet Security