SuperCheater

Easy | Web Security

Overview

Welcome to the Superheroes High School! Students are training to become the next big heroes by taking exams online. But rumors say the exam system has some… weaknesses. Can you rise to the top of the leaderboard and claim the Hero’s Prize?

User Credentials: SuperCheater:Sup3rCh34t3r#@   

Flag Format: Flag{}

Lab Details

Prerequisites & Requirements

  • Basic understanding of HTTP requests (headers, body, cookies).
  • Ability to capture and analyze requests (e.g., BurpSuite).
  • Python scripting skills.
  • Using the requests library in Python.

What will you learn?

  • Why insecure endpoints can be abused (basic web security awareness).
  • How to analyze and exploit insecure API endpoints.
  • How to exploit simple XSS (Cross-Site Scripting).
  • How to do black-box testing (testing without access to source code).
  • How to script simple exploits with Python.

Tools

  • Developer Tools
  • Burp Suite
  • Python requests library

Job Positions

Penetration Tester

Tags

XSS, OWASP Top 10, Session Hijacking, Input Validation, Logic Flaw