Authentication / Authorization Badge
67 Completed
39 Videos
21 Exercises
Easy
OAuth2: Authorization Server CSRF
This exercise covers the exploitation of a CSRF in the Authorization server
2 videos
Completed by 754 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Easy
SAML: Introduction
This exercise covers the exploitation of a signature stripping vulnerability in SAML
2 videos
Completed by 1852 students
Takes Less than an hour on average
RoR
Easy
SAML: Comment Injection
This exercise covers the exploitation of a comment injection vulnerability in SAML
2 videos
Completed by 958 students
Takes Less than an hour on average
Ruby on Rails
Easy
SAML: Signature Stripping
This exercise covers the exploitation of a signature stripping vulnerability in SAML
2 videos
Completed by 1353 students
Takes Less than an hour on average
RoR
Medium
OAuth2: Client CSRF
This exercise covers the exploitation of a CSRF in the OAuth2 Client
2 videos
Completed by 638 students
Takes Less than an hour on average
Ruby-On-Rails
Medium
OAuth2: Client CSRF II
This exercise covers the exploitation of a CSRF in the OAuth2 Client
2 videos
Completed by 301 students
Takes Between 2 and 4 hours on average
Ruby-On-Rails
Medium
SAML: Known Key
This exercise covers the exploitation of a known key in SAML
3 videos
Completed by 194 students
Takes Between 1 and 2 hours on average
Ruby on Rails
Medium
SAML: Trusted Embedded Key
This exercise covers the exploitation of a service provider (SP) that doesn't check the certificate provided in the SAMLResponse
2 videos
Completed by 209 students
Takes Less than an hour on average
Ruby on Rails
Medium
SAML: SAMLResponse forwarding
This exercise covers how one can pass the SAMLResponse from one Service Provider to another Service Provider.
Completed by 215 students
Takes Less than an hour on average
Ruby on Rails
Medium
OAuth2: State Fixation
This exercise covers the exploitation of a state fixation in the OAuth2 Client
2 videos
Completed by 196 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Medium
SAML: Comment Injection II
This exercise covers the exploitation of a comment injection vulnerability in SAML
2 videos
Completed by 244 students
Takes Less than an hour on average
Ruby on Rails
Medium
OAuth2: Authorization Server XSS
This exercise covers the exploitation of an XSS in the Authorization server
2 videos
Completed by 149 students
Takes Less than an hour on average
Ruby-On-Rails
Medium
OAuth2: Authorization Server OpenRedirect
This exercise covers the exploitation of an OpenRedirect in the Authorization Server
3 videos
Completed by 675 students
Takes Less than an hour on average
Ruby-On-Rails
Medium
OAuth2: Client OpenRedirect
This exercise covers the exploitation of an OpenRedirect in the OAuth2 Client
2 videos
Completed by 588 students
Takes Less than an hour on average
Ruby-On-Rails
Hard
OAuth2: Github HTTP HEAD
This exercise covers the exploitation of the HTTP HEAD issue impacting GitHub in 2019
2 videos
Completed by 297 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Hard
OAuth2: Client Server XSS
This exercise covers the exploitation of a Cross-Site Scripting in the OAuth2 Client Server
2 videos
Completed by 190 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Hard
OAuth2: Predictable State
This exercise covers the exploitation of predictable state in the OAuth2 Client
2 videos
Completed by 143 students
Takes Between 2 and 4 hours on average
Ruby-On-Rails
Hard
OAuth2: Predictable State II
This exercise covers the exploitation of predictable state in the OAuth2 Client
2 videos
Completed by 131 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Hard
SAML: Signature Wrapping
This exercise covers how one can use Signature Wrapping to become arbitrary users.
1 video
Completed by 231 students
Takes Less than an hour on average
Ruby on Rails
Hard
SAML: Signature Wrapping II
This exercise covers how one can use Signature Wrapping to become arbitrary users.
Completed by 178 students
Takes Less than an hour on average
Ruby on Rails
Hard
OAuth2: Authorization Server XSS II
This exercise covers the exploitation of an XSS in the Authorization server
2 videos
Completed by 113 students
Takes Less than an hour on average
Ruby-On-Rails