A webapp hacking game, where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc
- Client attack simulation using HtmlUnit; no alert('xss') here.
- Smooth difficulty gradient from moderately easy to fiendishly tricky.
- Realistic vulnerabilities modelled from Google, Mozilla, etc (No rot13!)
- Open ended play; progress by any means possible.
There are no 4 star reviews.