Available for Free: Energy.js

08/06/2023

This Challenge has been featured in the FIRSTCON23 CTF, as such it has been made available for free for 1 week: 8th June - 15th June

Try it now Energy.js

One of the largest electricity providers in Australia was subjected to a password guessing attack. The attack resulted in unauthorised access to more than 300 customers.

The Energy.js challenge is inspired from this incident. Password guessing attack against authentication system is common. There are a few places where the system leaks user information.

Find these holes and effectively fix them.

Play AppSec WarGames

Want to skill-up in secure coding and AppSec? Try SecDim Wargames to learn how to find, hack and fix security vulnerabilities inspired by real-world incidents.

For Companies Play Now

Got a comment?

Join our secure coding and AppSec community. A discussion board to share and discuss all aspects of secure programming, AppSec, DevSecOps, fuzzing, cloudsec, AIsec code review, and more.