rootdrifter.io contains hidden challenges for those who look carefully.
This is not a gimmick — each challenge teaches a real security technique.
CHALLENGE 0 — VIEW SOURCE · LIVE
- Difficulty: // OBSERVER (anyone can find this)
- Technique: information gathering from page source
- Reward: you already have it — check the source.
- Hint: the first flag is hidden on the homepage.
CHALLENGE 1 — FOLLOW THE TRAIL · COMING SOON
- Difficulty: // BASELINE (curious beginner)
- Technique: robots.txt recon
- Reward: 1 month Supporter membership
CHALLENGE 2 — THE OPEN DOOR · COMING SOON
- Difficulty: // SIGNAL (security student)
- Technique: web application reconnaissance
- Reward: 3 months Patron membership
- Note: this challenge runs on an isolated environment, not the production site.
CHALLENGE 3 — SIGNAL IN THE NOISE · COMING SOON
- Difficulty: // SIGNAL+ (practitioner)
- Technique: steganographic analysis
- Reward: a direct consultation session
// HOW TO SUBMIT
Email [email protected] with subject Challenge [N] — [your handle]. Include the flag value and a brief description of how you found it.
// SOLVER HALL OF FAME
The first solver for each challenge is acknowledged here. (Coming as challenges go live.)
Security note: all challenges that could affect production infrastructure run on isolated, sandboxed environments. Challenge 0 is a static HTML comment — it cannot be used to compromise anything.