Here is a list of recommended challenes on play.picoctf.org/practice for you to work on.
If you are stuck, it's often a good idea to move on to another challenge and come back later.
Always feel free to work on any challenge that strikes your fancy. These are ones I have taken a look at.
If you are interested in being on a class leaderboard, you can join here:
https://play.picoctf.org/classrooms
Invite code: C7M3rMer6
-
Source searching
-
Cookie inspection and editing
- Power Cookie
- Cookies
- More Cookies (quite a bit harder, try other sections first)
- JAuth (quite a bit harder, try other sections first)
-
JavaScript reversing
-
Headers:
-
Command injection
- Packets Primer
- Wireshark doo dooo do doo
- Wireshark twoo twooo two twoo
- Eavesdrop
- Trivial Flag Transfer Protocol
- shark on wire 1
- shark on wire 2
- scrambled-bytes
- WPA-ing Out
- picoctf.org
- overthewire.org
- portswigger.net/web-security
- microcorruption.com
- hackthebox.com
- youtube.com/@LiveOverflow
- Darknet Diaries Podcast
- youtube.com/@DEFCONConference