API Badge

• This exercise is the API version of an exercise you already solved in the Essential Badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
• 1 video
• Completed by 2263 students
• Takes Less than an hour on average
• Rails/Angular
• API
• cwe-639,cwe-284

• This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
• 1 video
• Completed by 1864 students
• Takes Less than an hour on average
• Rails/Angular
• API
• CWE-327

• This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
• 1 video
• Completed by 1365 students
• Takes Less than an hour on average
• Rails/Angular
• API
• CWE-327

• This exercise covers how one can inspect JavaScript code to identify unused endpoints.
• 1 video
• Completed by 1343 students
• Takes Less than an hour on average
• Rails/Angular
• API, Angular
• CWE-1028

• This exercise covers how one can inspect JavaScript code to identify unused endpoints.
• 1 video
• Completed by 1277 students
• Takes Less than an hour on average
• Rails/Angular
• API, Angular
• CWE-1028

• This exercise covers a simple payments bypass.
• 2 videos
• Completed by 929 students
• Takes Less than an hour on average
• Rails/Angular
• API
• CWE-288,CWE-354,CWE-472

• This exercise covers how one can inspect JavaScript code to identify unused endpoints.
• 1 video
• Completed by 1049 students
• Takes Less than an hour on average
• Rails/Angular
• API, Angular
• CWE-1028

• This exercise covers a simple payments bypass.
• 2 videos
• Completed by 751 students
• Takes Less than an hour on average
• Rails/Angular
• CWE-354,CWE-472

• This exercise covers a simple payments bypass.
• 2 videos
• Completed by 631 students
• Takes Less than an hour on average
• Rails/Angular
• CWE-354,CWE-472

• This exercise covers how to abuse a shopping cart allowing users to apply a voucher..
• 2 videos
• Completed by 533 students
• Takes Less than an hour on average
• Rails/Angular
• CWE-472

• This exercise covers a simple payments bypass.
• 2 videos
• Completed by 375 students
• Takes Less than an hour on average
• Rails/Angular
• CWE-472

• This exercise covers a way to manipulate a shopping cart to lower the total amount
• 2 videos
• Completed by 346 students
• Takes Less than an hour on average
• Rails/Angular
• CWE-353

• This exercise covers how one can inspect JavaScript code to identify information leak.
• 1 video
• Completed by 923 students
• Takes Less than an hour on average
• Rails/Angular
• API, Angular
• CWE-950

• This exercise covers how one can inspect HTTP responses to identify information leaks.
• 1 video
• Completed by 856 students
• Takes Less than an hour on average
• Rails/Angular
• CWE-200

API 09

• This exercise covers how one can inspect HTTP responses to identify information leaks.
• Takes -- on average
• Rails/Angular

• This challenge covers how to exploit an IDOR when Mongo IDs are used
• Completed by 574 students
• Takes Less than an hour on average
• ROR/MongoDB

API Mobile 01

• This exercise covers how you can intercept traffic from a mobile application and uses this to gain access to sensitive information.
• Takes -- on average
• Node/React Native

Mongo IDOR II

• This challenge covers how to recover a Mongo ID to leverage an IDOR
• Takes -- on average
• ROR/MongoDB

• This exercise covers how to abuse a shopping cart allowing users to apply a voucher.
• 1 video
• Completed by 370 students
• Takes Less than an hour on average
• Rails/Angular
• CWE-345,CWE-693