Recently, I competed in an ethical hacking competition (Stripe CTF 2.0: Web Edition) with a team from work. We’ve written several posts detailing our approaches to each level.
Check out our write-up here!
Also, I’ll be writing a post here in the new future describing my personal experience in depth.
EDIT: I just wrote a related post about my experience at Stripe and how it got me thinking about distributed web applications.