Log Analysis
Recover an attacker's trail by analyzing their console command history.
Exfiltration Analysis
An internal server has been compromised. Analyze the .pcap dump and find the hidden DNS tunnel.
Audit: Logic Bomb
Review this Python code snippet and locate the remote command execution vulnerability.
Shadow Messages
An informant uploaded an image to a public forum before going dark. Extract the hidden message.
The First Step
Locate sensitive information in indexing configuration files.
Tasty Cookies
Inspect session storage to find obfuscated data.
Can you see what is hidden?
Analyze the HTML source code for comments or forgotten paths.
Decode this
Encoding is not encryption. Prove that you can reverse Base64.
Double Cipher
Undo multiple layers of encoding to reveal the hidden message.
Compromised Token
Audit a vulnerable JWT session token and extract the flag from its payload.
Broken Hash
Discover why old algorithms like MD5 are no longer secure.
The Digital Trail
Search public SSL certificate records to find hidden subdomains.
Unauthorized Access
Manipulate Insecure Direct Object References (IDOR) in an API to access other users.
Hidden Data
Analyze the metadata of an image to extract classified information.
XOR Operation
Program a script to reverse the mathematical XOR obfuscation of a byte array.
Shadow Path Operation
Exploit a Directory Traversal vulnerability on an enemy reporting server to extract credentials from a hidden vault.
SOC Simulator: Live Defense
Monitor network traffic in real-time. Detect and block injection attacks before they compromise the system.