https://en.wikipedia.org/wiki/Hash_function
[Read More]
DOM Practice
Changing site content with XSS
Manipulating page content with JavaScript is a petty, trivial thing to do given an injection vulnerability. Try to complete this challenge!
[Read More]
Design Flaws
The Moonpig Bug - Sequential User Identification
Session management is tricky. Obviously, caching user credentials is unsafe. Modern websites employ a variety of techniques, most often assigning each active session a unique identifier called a token. Beyond this single, basic strategy, additional checks are necessary to maximize safety.
[Read More]
Server Programming
Code Analysis Project
Find OR fix a vulnerability in the Let’s Talk! server. Be ready to present your findings on April 3rd (after Spring Break).
[Read More]
Cross-site Request Forgery
Week 20
XSS is a popular and well-known vulnerability. CSRF is less common but just as dangerous, particularly because of the lack of awareness.
[Read More]