Syndis Developer Training


Slides can be found on


You need to register and verify your email to see the challenges. The aim of each challenge is to exploit one or more vulnerabilities, mostly in web pages, to obtain a hidden flag. All flags are of the form flag{FLAG_CONTENTS}, unless otherwise specified in the problem description.

Each challenge is tagged with the type of vulnerabilities it contains, which gives you some hint of where to focus your efforts. Further hints are available for each challenge at the cost of a handful of points.

This platform provides a scoreboard that shows the standing of all users, but please keep in mind that this feature is merely provided for fun. The aim of the challenges is to allow for a deeper understanding of the topics that will be covered during this training, and the impact vulnerabilities can have.


The challenges and slides will be available for, at least, two months from the start of the training.