A simulation of a vulnerable Spring Boot server designed for red-team exploitation. The room focuses on abusing Actuator endpoints, exploiting SSRF, and performing HTTP smuggling to gain unauthoriz...

This room simulates a deliberately vulnerable social networking platform designed for client-side exploitation practice. Participants start as unverified users and must identify and exploit stored ...

This challenge guides the player through discovering and exploiting vulnerabilities in web applications to extract sensitive information and achieve remote code execution on the target host. 🔍 S...

The room simulates a vulnerable web application with multiple exposed attack surfaces—authentication flows, password reset mechanisms, JWT misconfigurations, and log exposure. This write-up follows...