Hey guys, has anyone have a hint on how to find the POST request on the skills assessment. I clicked on everything while capturing the traffic on Burpsuite, I checked the source code, and used the dev tools but with no success…
Hey! I recommend looking for forms that require your input. Generally these forms can be submitted, and I have found that usually gets sent as a POST request.
Sometimes I find clicking through the web application without burpsuite helps too. I usually spend 5-10 minutes just clicking every page and button, at least with the interceptor turned off.
Feel free to DM if you still cannot find it. If you post another topic, think about putting the Academy tag on it, its the only one I have set to notify me!
-onthesauce
2 Likes
I just found the flag !! If anyone needs help you can DM me 
Yes man! I was stucked on this as well - fired up BURP disabled intercept and browsed the site and clicked and clicked and finally got a POST - not where I thought it would be like in seach fields etc. Hint here is to be consistant and try all functionalities of the site and just wait for a POST with parameters.
Then it took like 5 min to get the flag using what this modules has taught you - absolutly NO surprises in commands and tricks. Getting the POST took me honestly 4-5 hours lol.
hahahaha same for me, I was literally poking around thinking I’ve already clicked on it xD
1 Like
Another little trick tip would be to click around for a bit and fully explore the website’s functions. Then go to the HTTP History tab under the Proxy section of Burp Suite and sort by request method!!! You should find the POST request pretty quickly.
Maybe this will save someone some time in the future.
-onthesauce
3 Likes