Atropos 
297018
Position
5
Points
1
Challenges
0
Compromissions
0%
App - Script
0 Points0 / 33
0%
App - System
0 Points0 / 93
0%
Cracking
0 Points0 / 70
0%
Cryptanalysis
0 Points0 / 75
2%
Forensic
5 Points1 / 44
0%
Programming
0 Points0 / 29
0%
Realist
0 Points0 / 60
0%
Network
0 Points0 / 34
0%
Steganography
0 Points0 / 23
0%
Web - Client
0 Points0 / 42
0%
Web - Server
0 Points0 / 96
- x HTML - Source code
- x HTTP - IP restriction bypass
- x HTTP - Open redirect
- x HTTP - User-agent
- x Weak password
- x PHP - Command injection
- x API - Broken Access
- x Backup file
- x HTTP - Directory indexing
- x HTTP - Headers
- x HTTP - POST
- x HTTP - Improper redirect
- x HTTP - Verb tampering
- x Install files
- x Nginx - Alias Misconfiguration
- x Nginx - Root Location Misconfiguration
- x API - Mass Assignment
- x CRLF
- x File upload - Double extensions
- x File upload - MIME type
- x Flask - Unsecure session
- x GraphQL - Introspection
- x HTTP - Cookies
- x Insecure Code Management
- x JWT - Introduction
- x XSS - Server Side
- x Directory traversal
- x File upload - Null byte
- x JWT - Revoked token
- x JWT - Weak secret
- x JWT - Unsecure File Signature
- x PHP - assert()
- x PHP - Apache configuration
- x PHP - Filters
- x PHP - register globals
- x PHP - Remote Xdebug
- x Python - Server-side Template Injection Introduction
- x File upload - ZIP
- x Flask - Development server
- x GraphQL - Injection
- x Command injection - Filter bypass
- x Java - Server-side Template Injection
- x JWT - Public key
- x JWT - Header Injection
- x Local File Inclusion
- x Local File Inclusion - Double encoding
- x Nginx - SSRF Misconfiguration
- x Node - Eval
- x PHP - Loose Comparison
- x PHP - preg_replace()
- x PHP - type juggling
- x Remote File Inclusion
- x SQL injection - Authentication
- x SQL injection - Authentication - GBK
- x SQL injection - String
- x XSLT - Code execution
- x Elixir - EEx
- x JWT - Unsecure Key Handling
- x LDAP injection - Authentication
- x Node - Serialize
- x NoSQL injection - Authentication
- x PHP - Path Truncation
- x PHP - Serialization
- x SQL injection - Numeric
- x SQL Injection - Routed
- x SQL Truncation
- x XML External Entity
- x XPath injection - Authentication
- x Yaml - Deserialization
- x API - Broken Access 2
- x GraphQL - Backend injection
- x GraphQL - Mutation
- x Java - Spring Boot
- x Local File Inclusion - Wrappers
- x PHP - Eval
- x PHP - Eval - Advanced filters bypass
- x SQL injection - Error
- x SQL injection - Insert
- x SQL injection - File reading
- x XPath injection - String
- x File upload - Polyglot
- x NodeJS - Prototype Pollution Bypass
- x NoSQL injection - Blind
- x SQL injection - Time based
- x Java - Custom gadget deserialization
- x NodeJS - vm escape
- x Server Side Request Forgery
- x SQL injection - Blind
- x LDAP injection - Blind
- x PHP - Unserialize overflow
- x PHP - Unserialize Pop Chain
- x SQL Injection - Second Order
- x Python - dotenv
- x Python - Blind SSTI Filters Bypass
- x XPath injection - Blind
- x SQL injection - Filter bypass