[ryandrake]

> When I was play noxCTF 2018, I saw a challenge named PSRF, then I thought that might be SSRF, PostScript, or both.

Wow, talk about having no context! You need to do at least three Google searches just to parse the first sentence.

EDIT: Realized my comment was not constructive. For context, might be helpful to make some of the acronyms into links!

[meowface]

SSRF should be well known to anyone familiar with web app vulnerabilities, and PostScript is a programming language that's been around since 1982. Not exactly arcane terms. And noxCTF can reasonably be assumed to be a security CTF competition, even if you aren't familiar with the specific CTF.

[seadog007]

Well, I think if all developer know about these vulnerabilities, then there are no more bug bounty that we can play. Then it might be helpful to put some intro of these terms.

But still, I except people who click the link should already understand these terms.

[seadog007]

I just added a brief intro. I don't think everyone should understand the technique detail, but if that want, they will

[seadog007]

Sorry about that, what is your suggestion?

[umvi]

Write an introduction paragraph that gives context for non security researchers/penetration testers/etc.

[seadog007]

Before your reply, I will add some explain for these terms

[dang]

An introductory paragraph, as umvi suggested, would be very helpful.

Also, please don't use sockpuppet accounts to upvote HN submissions. That's not allowed here, and we ban accounts that do it.