diff --git a/content-type_bypass/flag b/content-type_bypass/flag
new file mode 100644
index 0000000..1599a1d
--- /dev/null
+++ b/content-type_bypass/flag
@@ -0,0 +1 @@
+46910d9ce35b385885a9f7e2b336249d622f29b267a1771fbacf52133beddba8
diff --git a/headers_manipulation/flag b/headers_manipulation/flag
new file mode 100644
index 0000000..4916501
--- /dev/null
+++ b/headers_manipulation/flag
@@ -0,0 +1 @@
+f2a29020ef3132e01dd61df97fd33ec8d7fcd1388cc9601e7db691d17d4d6188
diff --git a/hidden_field_manipulation/flag b/hidden_field_manipulation/flag
new file mode 100644
index 0000000..b67bb13
--- /dev/null
+++ b/hidden_field_manipulation/flag
@@ -0,0 +1 @@
+1d4855f7337c0c14b6f44946872c4eb33853f40b2d54393fbe94f49f1e19bbb0
diff --git a/input_validation/flag b/input_validation/flag
new file mode 100644
index 0000000..83f01d9
--- /dev/null
+++ b/input_validation/flag
@@ -0,0 +1 @@
+03a944b434d5baff05f46c4bede5792551a2595574bcafc9a6e25f67c382ccaa
diff --git a/open_redirect/flag b/open_redirect/flag
new file mode 100644
index 0000000..cb4224d
--- /dev/null
+++ b/open_redirect/flag
@@ -0,0 +1 @@
+b9e775a0291fed784a2d9680fcfad7edd6b8cdf87648da647aaf4bba288bcab3
diff --git a/sensitive_file_exposure/flag b/sensitive_file_exposure/flag
new file mode 100644
index 0000000..5e2459c
--- /dev/null
+++ b/sensitive_file_exposure/flag
@@ -0,0 +1 @@
+d19b4823e0d5600ceed56d5e896ef328d7a2b9e7ac7e80f4fcdb9b10bcb3e7ff
diff --git a/weak_cookie_auth/flag b/weak_cookie_auth/flag
new file mode 100644
index 0000000..3f979c7
--- /dev/null
+++ b/weak_cookie_auth/flag
@@ -0,0 +1 @@
+df2eb4ba34ed059a1e3e89ff4dfc13445f104a1a52295214def1c4fb1693a5c3
diff --git a/xss_feedback/README.md b/xss_feedback/README.md
index 4d886f6..0c1569d 100644
--- a/xss_feedback/README.md
+++ b/xss_feedback/README.md
@@ -1,4 +1,4 @@ -# +# bypassable xss filter ## How We Found It there is a page to leave a feedback at the bottom of the home page. 
diff --git a/xss_feedback/flag b/xss_feedback/flag
new file mode 100644
index 0000000..c3b8286
--- /dev/null
+++ b/xss_feedback/flag
@@ -0,0 +1 @@
+0fbb54bbf7d099713ca4be297e1bc7da0173d8b3c21c1811b916a3a86652724e