A fantastic resource to learn real world setups for capture the flags. The best thing that I like about this website is that you won’t be able to find the solution until you figure it out yourself, seriously getting the solution from online forums and other sources is equally challenging. I have solved mostly from the web client section and problems are really well structured.
Web-Client
For a lot of these problems I had to use mockbin to mock an attacker controlled endpoint. Essentially for harvesting any information from the vulnerable server.