The best defense is a good offense. Capture The Flags have been training generations of hackers since before 1999. They can teach not only how attacks happen, but how to conduct offensive security.
We build every type of security challenge. Whether it's OWASP Top Ten, Forensics, Reverse Engineering, Exploitation, or something in between, we know how to make it fun and approachable.
Phubble is a broken web application riddled with vulnerabilities designed to simulate a real world photo sharing application.
Phubble features vulnerabilities including:
Phubble provides students with the invaluable experience of attacking a live website, exfiltrating data, and slowly escalating privileges until they’re root.
Phubble serves as an excellent exercise for the end user to learn and practice their hacking skills. It can be be approached with or without source code and is designed to be fun for both newcomers and experts of web security.
Each student receives a personal live instance of Phubble, documentation describing various web vulnerabilities, and an instance of CTFd to track their progress and compete against other students.