The Natas wargame teaches the basics of serverside web-security by enabling players to identify and exploit vulnerabilities in web applications. If you notice something essential is missing or have ideas for new levels, please let us know!
This game, like most others, is organized into levels. You start at Level 0 and try to "beat" or "finish" it. Completing a level provides information on how to start the next level. The pages on this website for "Level " contain information on how to progress from the previous level to Level X. For example, the page for Level 1 has information on how to gain access from Level 0 to Level 1. All levels in this game have a dedicated page on this website, accessible from the sidemenu on the left of this page.
You may encounter situations where you have no idea what to do. Don’t panic! Don’t give up! The purpose of this game is for you to learn the basics of web security, and part of learning is reading new information. If you've never interacted with web applications in a security context, start with this introduction to web security.
Here are several things you can try when you're unsure how to proceed:
- If you encounter a new concept or technique, look it up! Web security is a broad field, and there are plenty of resources available online.
- Use the developer tools in your web browser. Right-click on the webpage and select "Inspect" or press
Ctrl+Shift+Ito open them. These tools will allow you to see the HTML, CSS, and JavaScript that make up the page. - Your favorite search engine is your friend. Learn how to use it! Google is recommended.
You’re ready to start! Begin with Level 0, linked on the left of this page. Good luck!
When working on Natas levels, you may find it useful to use web security tools like Burp Suite or OWASP ZAP. These tools can help you analyze and manipulate web traffic to better understand how the web applications you are interacting with work.
You can expand this format for subsequent levels, detailing the objectives, instructions, hints, and solutions. This approach will provide a clear and structured guide for users working through the Natas levels.