User Profile




No information has been set by the researcher

Recognised by

None listed.

miraj50's challenge statistics

View Researcher Activity

7 total submissions

6 accepted

1 rejected

Easy Find the vulnerable parameter and try beat the XSS filter!

I couldn't use the traditional methods of stopping XSS because of the way my application works. Because of this i've had to create a "strict" filter to stop malicious attackers and help...
Category: Cross Site Scripting (XSS)
Completed on 30-10-2018

Easy This developer didn't realise people could view the HTML source. What can you find?

Note: This challenge just requires you to have a keen eye. Look carefully! Firstly, this developer hid his admin panel at a random subdomain he didn't think anyone could find. Because of this...
Category: Test your recon
Completed on 30-10-2018

Medium Can you add yourself to the hall of fame?

I created a hall of fame with one condition: you have to add yourself, and only one user can control the hall of fame! Can you become the king and show your name proudly? Find a way to get your name...
Category: Misc / Application Logic
Completed on 07-12-2018

Easy/medium Can you bypass the Open URL redirect filter?

Try not to overthink this one. Even though a website sometimes tell you how a function SHOULD function, sometimes it doesn't always do that. Look at what request is being sent, and can anything be...
Category: openurl
Completed on 30-10-2018

Medium Blind testing - debug mode

This one will require a bit of thinking. It's designed to be a complete blackbox so you have no idea what it's looking for but using information on the page and basic understanding of HTTP requests...
Category: Cross Site Scripting (XSS)
Completed on 30-10-2018

Medium/hard Can you find the flag via SQL injection?

The form is vulnerable to SQL injection and there's a flag inside the database waiting for you. Using **ONLY** union based injection, can you retrieve it?
Category: SQL Injection (SQLi)
Completed on 30-10-2018