capture the flag, cybersecurity education, hacking

@RealTryHackMe #AdventOfCyber Series: Challenge 15 – Santa Is Looking For A Sidekick #TisTheSeasonForHacking

Another day, another challenge…

In this post, we’re starting a new series, the Advent of Cyber, hosted by TryHackMe. This is the fourth year of the Advent of Cyber, where a challenge is released every day leading to Christmas. There will be 25 challenges; we’re McSkidy, an elf trying to save Christmas.

In our fifteenth challenge, Santa hired a third-party developer to create a website to hire new elves. Elf McSkidy is aware that third-party risks are serious for websites, and have tasked Exploit McRed with testing the website before going live.

The topics explored in this challenge are input validation for file uploading, unrestricted file upload vulnerabilities, phishing through file uploads, and how to properly secure file upload functionality.

Can Exploit McRed determine if the website is safe before going live? Find out below!

If you enjoy my content, buy me a coffee. Link –>