Welcome to my collection of writeups for Hacker101 CTF challenges! This repository contains detailed solutions and explanations for various web security challenges.
Hacker101 CTF is HackerOne's educational capture-the-flag platform designed to teach web security fundamentals through hands-on practice. The challenges cover a wide range of vulnerabilities including:
- Cross-Site Scripting (XSS)
- SQL Injection
- Authentication Bypass
- Business Logic Flaws
- Directory Traversal
- And many more!
| Challenge | Difficulty | Description | Writeup |
|---|---|---|---|
| XSS Playground by zseano | Medium | Multiple XSS vulnerabilities and API authentication bypass | View Writeup |
Each writeup includes:
- Challenge Description: Overview of the target and objectives
- Vulnerability Analysis: Detailed breakdown of security flaws
- Exploitation Steps: Step-by-step solution process
- Tools & Techniques: Methods and tools used
- Lessons Learned: Key takeaways and security insights
- Code Examples: Relevant payloads and commands
- Visit Hacker101 CTF
- Create an account and start with beginner challenges
- Use these writeups as reference when stuck
- Practice responsible disclosure principles
These writeups are for educational purposes only. The techniques described should only be used on:
- Official CTF platforms
- Systems you own or have explicit permission to test
- Authorized penetration testing engagements
Do not use these techniques on systems without proper authorization.
Happy Hacking!