Our challenges do NOT require any bruteforcing/directory fuzzing/massive amounts of traffic. Please practise hacking on our challenges manually.
Failure to abide by the rules will put you at risk of being restricted from using our free challenges.
"I've won a bounty" generator
We know people love to say they've some bounties so simply input your username & bounty amount and then generate your image!
Can you discover how the application works and if there's anything interesting happening? Perhaps there is XSS somewhere hidden here.