General Instructions
Follow the steps for each mode to capture the flags. Submit a document with all 5 flags and a brief explanation for each, including what you did and what you learned. Screenshots are recommended.
MODE 1
Cryptography
Objective: Understand common encodings and data transformation.
Base64 is a binary-to-text encoding scheme. Decode the string below to find your first flag.
RkxBR3tjcmlwdG9fYmFzaWNzfQ==
- Navigate to the decoding tool via the link below.
- Select Base64 Decode.
- Paste the encoded text and reveal the flag.
Open Cryptii
Reflection Question:
What is Base64 encoding used for, and why is it not considered encryption?
MODE 2
Web Inspection
Objective: Learn what information is visible when inspecting a page's elements.
- Open the target webpage using the link below.
- Right-click anywhere on the page and select Inspect.
- Open the Elements tab and scan the HTML comments.
- Find the word "of" and count how many times it occurs in the text.
Open Target Page
Reflection Question:
Why should sensitive information never be stored in client-side HTML comments?
MODE 3
Steganography
Objective: Understand how data is hidden inside media files.
Target File: bisy3006_lab.png
- Download the image provided above.
- Upload it to the Steganography Online tool below.
- Extract the hidden message to reveal your flag.
Open Stegano Tool
Reflection Question:
What real-world risks does steganography introduce in cybersecurity?
MODE 4
Regular Expressions
Objective: Identify patterns using RegEx.
Target Log Data:
User log:
admin_01 logged in
guest logged in
admin_99 logged in
root logged in
admin_07 logged in
- Paste the log text above into the Regex101 tool.
- Enter the following pattern:
admin_[0-9]+
- Confirm that only valid admin users are highlighted.
Open Regex101
Reflection Question:
How can poor regex design lead to security vulnerabilities?
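Added example (not part of the original lab): the Mode 4 pattern run in Python over the lab's log entries and over three constructed lines, comparing the unanchored search that Regex101 highlights with a whole-line match. The "<user> logged in" line format, the constructed lines and the function names are assumptions made for illustration.

```python
import re

# Log entries from the Mode 4 exercise, one per line.
LAB_LINES = [
    "admin_01 logged in",
    "guest logged in",
    "admin_99 logged in",
    "root logged in",
    "admin_07 logged in",
]

# Constructed lines (not from the lab) that probe where the pattern is too loose.
CONSTRUCTED_LINES = [
    "notadmin_13 logged in",          # admin_13 sits inside a longer username
    "admin_5x logged in",             # digits followed by extra characters
    "guest said admin_42 logged in",  # pattern appears mid-line
]

# Pattern exactly as given in the lab: matches anywhere in the text.
LOOSE = re.compile(r"admin_[0-9]+")
# Assumed line format "<user> logged in"; the whole line must match.
STRICT = re.compile(r"(admin_[0-9]+) logged in")


def loose_users(lines):
    """Every substring the lab pattern would highlight."""
    return [m.group(0) for line in lines for m in LOOSE.finditer(line)]


def strict_users(lines):
    """Usernames only from lines that are entirely '<admin_N> logged in'."""
    return [m.group(1) for line in lines if (m := STRICT.fullmatch(line))]


if __name__ == "__main__":
    print("lab, loose:         ", loose_users(LAB_LINES))
    print("lab, strict:        ", strict_users(LAB_LINES))
    print("constructed, loose: ", loose_users(CONSTRUCTED_LINES))
    print("constructed, strict:", strict_users(CONSTRUCTED_LINES))
```

On the lab data both approaches agree; they diverge only on the constructed lines, which is the gap between highlighting a pattern and validating an input.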
MODE 5
OSINT
Objective: Use public data to reveal technical details.
- Navigate to the WHOIS search tool.
- Search for the domain: example.com
- Identify the Registrar name to find the final flag.
Open WHOIS
Reflection Question:
Why is OSINT a critical phase in penetration testing and threat intelligence?