Hello! We’ve just launched a new wargame site called damn vulnerable web! It consists only of web challenges, primarily designed for intermediate to advanced players rather than beginners. We hope this wargame helps more people gain deeper and broader knowledge in web hacking

Read the article :

We’ve published a new article! This is a full writeup of the web challenges from the SECCON 14 Qual round. It has been written in detail so that readers can understand the core concepts and techniques even if they did not attempt the challenges themselves. We would like to

Read the research:

We have successfully published our third research! This research focuses on diving deep into the Spring framework. Spring is an important framework used by many companies. However, since the Spring framework doesn't frequently appear in challenges, we expect many people are

English Version article : https://t.co/ABbsMEf0FM Korean Version article : https://t.co/XzFBEeAMs2

We have published a new article! You can check out the research in both Korean and English versions below :) This article is not research, but a complete writeup of the web challenges from the CODEGATE 2025 final round. We have organized it in as much detail as possible so that

Read the research:

We have successfully published our second research! This research focuses on various XSLeaks techniques through real case studies. It explains why XSLeaks are dangerous in the real world and how XSLeaks techniques can be utilized in challenges such as CTFs. This is a series

Read the research:

We have successfully published our first research! This research conducts an in-depth study of potential security vulnerabilities and issues in the Next.js framework. We highlight security vulnerabilities in Next.js based on various CVEs and case studies.