CTF Web Exploitation

Use this skill as a routing and execution guide for web-heavy challenges. Keep the first pass short: map the app, confirm the trust boundary, and only then dive into the detailed technique notes.

Prerequisites

Python packages (all platforms):

pip install sqlmap flask-unsign requests

Linux (apt):

apt install hashcat jq curl