austinhartzheim
commented
7 years ago One idea might be to exploit a bug in an HSTS implementation. The Servo implementation seems pretty readable: https://github.com/servo/servo/blob/master/components/net/hsts.rs
Exposes participants to the Rust language, which is very interesting from a security perspective, and helps them learn about bug hunting.
Done when: