Learn about web security vulnerabilities through interactive examples
This site demonstrates common web security vulnerabilities for educational purposes only. Try to solve each challenge by thinking like a hacker!
Each challenge includes a "Show Solution" button that you can click if you get stuck. Try to solve the challenges on your own first!
Select a challenge below to get started:
Learn about Cross-Site Scripting by injecting JavaScript into a vulnerable comment form.
Start Challenge →Bypass authentication by exploiting a vulnerable login form with SQL injection.
Start Challenge →See how attackers can trick users into clicking hidden elements using transparent overlays.
Start Challenge →Understand how Cross-Site Request Forgery attacks can make users perform unwanted actions.
Start Challenge →Exploit a system with hardcoded credentials stored in client-side code.
Start Challenge →Access unauthorized resources by manipulating object references in URLs.
Start Challenge →Discover hidden information through security misconfigurations in the application.
Start Challenge →Explore how directory listing vulnerabilities expose sensitive files and folders.
Start Challenge →Bypass a simple CAPTCHA implementation to understand its weaknesses.
Start Challenge →