🔬

browser-ctf-practice

Master cybersecurity through hands-on Capture The Flag challenges. Practice SQL injection, XSS, cryptography, forensics, and more - all in your browser.

🔬 立即试用

这是什么?

🎯 模拟器提示

📚 术语表

CTF
夺旗——安全竞赛形式
Flag
证明挑战完成的秘密字符串
SQLi
SQL注入——数据库攻击
XSS
跨站脚本 - JavaScript 注入
CSRF
跨站请求伪造 - 诱骗用户采取行动
IDOR
不安全的直接对象引用 - 访问其他用户的数据
RCE
远程代码执行 - 在服务器上运行任意代码
LFI
本地文件包含 - 读取服务器文件
RFI
远程文件包含 - 包含外部恶意文件
Payload
攻击代码或数据
Writeup
挑战的详细解决方案说明

🎓 学习资源

💬 给学习者的话

{'encouragement': "Every expert was once a beginner who couldn't solve their first challenge. Struggle is part of learning. The flag you find after hours of trying feels better than one you found in minutes.", 'reminder': 'CTFs are games that teach real skills. What you learn here directly applies to real security work.', 'action': 'Start with a beginner challenge. Get that first flag. Feel that excitement. Then do another.', 'dream': 'A teenager in Kenya might become a world-ranked CTF player. A student in Nigeria might find a critical vulnerability that protects millions. This is your training ground.', 'wiaVision': 'WIA Pin Code brings CTF training to everyone. The security researchers of tomorrow are practicing today. Be one of them.'}

开始使用

免费,无需注册

开始使用 →