Easy Web
Could be simple could be hard, depends on you xD. Jk It’s nice and easy
Heading on to the website, we notice something in the URL (bottom of the page)
Let’s put this through burp or zap to intercept packets and see what’s going on here looking through the results of zap we the api field once again, let’s try changing the id parameter
we notice there’s a source for id
Reading everything about the source from Zap (or burp) you’ll notice something bout gimme-flag giving flag and any other, telling you they know nothing you speaking of.
And there’s our flag