NGSEC has announced version 3 of their web application security challenge.
"On
each level you will be presented a form asking you to authenticate. You
do not know the user and the password, the goal is to bypass the
authentication mechanism."
Challenge Link: http://quiz.ngsec.com/game3/
