Sharpen your web exploitation skills with 2 new CTF packs

Two new CTF packs are now live, designed to build practical expertise in exploiting WordPress environments and mastering the OWASP Top 10 through realistic, hands-on scenarios.

This pack takes you from basic enumeration of versions, plugins, and themes to uncovering exposed backups and directory listings, brute-forcing weak credentials, and exploiting critical flaws like authentication bypass, SQL injection, and Server-Side Template Injection. Using tools such as WPScan, SQLMap, and Metasploit, participants will develop a strong foundation in WordPress exploitation and gain practical knowledge of common attack surfaces.

Dive into 10 story-driven challenges showcasing the most critical web application vulnerabilities seen in the wild. Practice everything from bypassing business logic checks and leaking environment files to chaining SQL injection and IDOR, abusing SSRF to compromise internal databases, and weaponizing file uploads for remote code execution. This pack is a must for anyone looking to strengthen their offensive web security skills against today’s most prevalent threats.