Generic University

Overview

Generic University's IT department has announced the development of an exciting new online tool that allows students to view their grades conveniently. While the platform is still a work in progress, it has captured the attention of the hacking community, especially with its vulnerabilities being laid bare for discovery. This dual-purpose tool serves as both an academic utility and a potential playground for those interested in ethical hacking. With the university's bug bounty program active, there’s an opportunity for students and security enthusiasts to engage with the system responsibly.

Features

• Vulnerable API: The Laravel app is known for its vulnerabilities listed in the OWASP API Top 10, making it a perfect target for budding security researchers.
• Bug Bounty Program: Participants can earn rewards by identifying and reporting bugs, encouraging ethical hacking practices.
• Initial Setup Flexibility: Users can set up the tool using various methods, including XAMPP on Windows or Docker for convenient deployment.
• Clear Vulnerabilities: Unlike traditional Capture The Flag (CTF) challenges, this tool exposes its vulnerabilities openly, making it accessible for learning and hands-on experience.
• Access to Key Functions: Users can attempt various tasks such as altering grades or gaining administrative access, providing a rich environment for testing and exploration.
• Community Contributions: Resources such as setup guides and assistance from the community are available to ease the setup process.
• No Hidden Bugs: The vulnerabilities are straightforward and meant to be discovered, promoting a transparent approach to security education.