Stripe: Capture the Flag - Complete
Just completed the Stripe: Capture the Flag security challenge!! It was good fun, involved groking JavaScript, PHP, Python and Ruby code and figuring out attack vectors to proceed through the levels. It was a good mix of XSS, CSRF, SQL Injection, Crypto and Side Channel attacks.
All the tinkering and reading I keep doing helped a lot as I had local environments on which I could easily setup the test code and play around with. I learned 100x more by doing this challenge than I ever did by reading through a lot of security books and articles.
Overall, I thought the contest was very well organized and run, the level of hardness was just right for this challenge and the staff from Stripe were very active in the forums and were prompt with support on technical issues. Kudos to them.