Here's an reality you won't learn in CTFs:

Not every app you test will have crits. Your job isn't to find the flag; it's to find vulnerabilities. That doesn't mean there definitely is an RCE waiting for you.

Also, give praise to devs when they get it right!

@mttaggart this is so true. Something that I had to learn as well!!

Sign in to participate in the conversation

Fosstodon is an English speaking Mastodon instance that is open to anyone who is interested in technology; particularly free & open source software.