diff --git a/app.py b/app.py
index 2ff538b..46b96be 100644
--- a/app.py
+++ b/app.py
@@ -51,7 +51,7 @@ def osint():
     return render_template('osint-main.html')
 
 @app.route("/web/sql-injection", methods=('GET', 'POST'))
-def sql():
+def websql():
     if request.method == 'POST':
         login = request.form['login']
         password = request.form['pass']
@@ -64,8 +64,24 @@ def sql():
         return redirect(url_for('success_login'), code=302)
     return render_template('sql-injection.html')
 
+@app.route("/web/idor")
+def webidor():
+    return render_template('idor.html')
+
+@app.route("/web/path-traversal")
+def webpt():
+    return render_template('path-traversal.html')
+
+@app.route("/web/ssti")
+def webssti():
+    return render_template('ssti.html')
+
+@app.route("/web/portswigger-guide")
+def webpsguide():
+    return render_template('portswigger-guide.html')
+
 @app.route("/forensic/task1-metadata")
-def task1():
+def forensictask1():
     session['task1_id'] = id = hex(getrandbits(45))[2:]
     session['task1_flag'] = flag_task1 = f'C4TchFl4g{{{hex(getrandbits(45))[2:]}}}'
     task1_flag(flag_task1, id)
@@ -83,10 +99,6 @@ def task1():
 def forensic_task1():
     return send_file(f'/tmp/task1/{session['task1_id']}.jpg')
 
-@app.route("/decode-me")
-def decode():
-    return render_template('decode.html')
-
 @app.route("/success_login", methods=('GET', 'POST'))
 def success_login():
     flag = session.get('sql_flag')
diff --git a/templates/decode.html b/templates/decode.html
deleted file mode 100644
index e7a638b..0000000
--- a/templates/decode.html
+++ /dev/null
@@ -1 +0,0 @@
-{% extends '_task.html' %}
diff --git a/templates/success.html b/templates/success-sql.html
similarity index 100%
rename from templates/success.html
rename to templates/success-sql.html
diff --git a/templates/web-main.html b/templates/web-main.html
index 25e3f78..31462b1 100644
--- a/templates/web-main.html
+++ b/templates/web-main.html
@@ -1,6 +1,22 @@
 <html lang="ru">
-{% include '_head.html' %}
-<body>
-    {% include '_header.html' %}
-    {% include '_sidenav.html' %}
-    <img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
\ No newline at end of file
+    {% include '_head.html' %}
+    <body>
+        {% include '_header.html' %}
+        {% include '_sidenav.html' %}
+            <div class="container">
+                <div class="small info1 capsule-window">
+                <p class="simpletext">< Задания категории Web ></p>
+                <nav class="navbtn">
+                {%- for name, descr in (
+                    ('websql',    "SQL-инъекция"),
+                    ('webidor',  "Уязвимость IDOR"),
+                    ('webpt', "Уязвимость Path Traversal"),
+                    ('webssti',  "Уязвимость SSTI"),
+                    ('webpsguide',  "PortSwigger и с чем его едят"),
+                ) %}
+                    <a href="{{ url_for(name) }}" class="btn1">{{ descr }}</a>
+                {%- endfor %}
+            </div>
+        <img id="help" src="{{ url_for('static', filename='imgs/icon.png') }}">
+    </body>
+</html>
\ No newline at end of file