Web Kids 2.0

Tasks

Бонусные таски

web
1
BC
xxe
1
Combo
web
1
Decoder
web
1
Pinger
web
1
RCE IFS
web
1
LFI POI
web
1
Palevo

17 ноября — Сервер-сайд 2 — SSTI + Race conditions + SSRF + Tools

ssti
1
Ez
ssti
1
Reader
ssti
1
Filter 1
ssti
1
Filter 2
ssti
1
Black is back
ssti
1
Sky
advanced
1
SSTI easy
advanced
1
SSTI hard
race
1
Racing shop
race
1
Racing shop secure
race
1
RUCTFE
race
1
Angry storage
ssrf
1
Looking Glass
ssrf
1
Fast SSRF 1
ssrf
1
Fast SSRF L
ssrf
1
Fast SSRF 2
ssrf
1
Fast SSRF XXX
ssrf
1
Fast SSRF R
ssrf
1
Fast SSRF D
ssrf
1
Curl
ssrf
1
file_get_contents
tools
1
Ssh down
tools
1
Scan me
tools
1
Twenty four
tools
1
Enterprise
tools
1
Random
advanced
1
Mongo 1
advanced
1
Mongo 2

10 ноября — Сервер-сайд — XXE + LFI + Unsafe Upload + CVEs

xxe
1
Widgets Incorporated 1
xxe
1
Widgets Incorporated 2
advanced
1
XXE read
advanced
1
XXE filter
lfi
1
FAVn
lfi
1
Waf
lfi
1
CSS
lfi
1
Docker1
lfi
1
Docker2
lfi
1
Docker3
lfi
1
RCE
lfi
1
local
upload
1
Zip slip
cve
1
CVE-2019-11043
cve
1
Ecler
cve
1
Ecler 2

3 ноября — Клиент-сайд — презентация

csrf
1
Bank
sibearsxss
1
Easy 0
sibearsxss
1
Easy 1
sibearsxss
1
Easy 2
sibearsxss
1
Easy 3
sibearsxss
1
Easy 4
sibearsxss
1
Easy 5
sibearsxss
1
Easy 6
sibearsxss
1
Medium 0
sibearsxss
1
Medium 1
sibearsxss
1
Medium 2
sibearsxss
1
Medium 3
sibearsxss
1
Medium 4
sibearsxss
1
Medium 5
sibearsxss
1
Hard 0
sibearsxss
1
Hard 1
sibearsxss
1
Hard 2
sibearsxss
1
Hard 3

27 октября — Burp Suite — презентация

burp
1
Go
burp
1
Flag Admin v1
burp
1
Fileshare
burp
1
Odmen
burp
1
Encoded
burp
1
Motivation
burp
1
Basic
burp
1
OFD
burp
1
Diff
burp
1
Lost

20 октября — SQL-инъекции — презентация

kids
1
Kurome
kids
1
Yuno
kids
1
Lina
kids
1
Gabriel
kids
1
Madoka
kids
1
02
kids
1
Gondex Dev
bypass
1
Dead or alive 1
bypass
1
Dead or alive 2
bypass
1
Bypass
bypass
1
Dead or alive 4
bypass
1
Dead or alive 5
bypass
1
Dead or alive 6
bypass
1
Dead or alive 7
bypass
1
Dead or alive 8
time
1
Gondex
time
1
NSA
yesno
1
Login
error
1
Gondex Beta 1
error
1
Gondex Beta 2
advanced
1
Notes 1
advanced
1
Notes 2
advanced
1
Notes 3
advanced
1
Calc
advanced
1
Blackbox
sqlmap
1
level24
sqlmap
1
level25
sqlmap
1
level26
sqlmap
1
level27
sqlmap
1
Login (easy)

13 октября — Инъекции — презентация

kids
1
So easy
kids
1
Header? What the W3 is this?
kids
1
Are you my admin?
kids
1
Cookie2
kids
1
alotofbrowsers
sh
1
Ping me
sh
1
ls
sh
1
P.S.
sh
1
Echo
sh
1
Echo v2
sh
1
grep it all
sql
1
level28
sql
1
level29
sql
1
level30
sql
1
level31
sql
1
level32
advanced
1
Fragment XML
advanced
1
Fragment JSON
advanced
1
Fragment YAML

25 сентября — Базовые приёмы веба — youtu.be/BAzqg4Oocd4

easy
1
level1
easy
1
level2
easy
1
level3
easy
1
level4
easy
1
level5
easy
1
level6
easy
1
level7
easy
1
level8
easy
1
level9
easy
1
level10
easy
1
level11
easy
1
level12
easy
1
level13
easy
1
level14
manual
1
level15
manual
1
level16
manual
1
level17
manual
1
level18
manual
1
level19
manual
1
level20
manual
1
level21
manual
1
level22
manual
1
level23
©oded by vos in 2009 and 2012. lol