Sign in Create Account

Authentication / Authorization Badge

The Authentication/Authorization Badge covers vulnerabilities in authentication and authorisation. It focuses on SAML and Oauth.

25 exercises 188 completed 50 videos

Exercises

Easy
auth badge icon
SAML: Introduction
  • This exercise covers the exploitation of a signature stripping vulnerability in SAML
  • 3 videos
  • Completed by 2912 students
  • Takes < 1 Hr. on average
  • RoR

Easy
auth badge icon
OAuth2: Authorization Server CSRF
  • This exercise covers the exploitation of a CSRF in an OAuth2 Authorization Server
  • 2 videos
  • Completed by 1159 students
  • Takes 1-2 Hrs. on average
  • Ruby-On-Rails
  • CWE-352

Medium
auth badge icon
SAML: Signature Stripping
  • This exercise covers the exploitation of a signature stripping vulnerability in SAML
  • 3 videos
  • Completed by 2056 students
  • Takes < 1 Hr. on average
  • RoR

Medium
auth badge icon
SAML: Comment Injection
  • This exercise covers the exploitation of a comment injection vulnerability in SAML
  • 2 videos
  • Completed by 1703 students
  • Takes < 1 Hr. on average
  • Ruby on Rails

Medium
auth badge icon
SAML: PySAML2 SSRF
  • This exercise covers the exploitation of a SSRF in PySAML2
  • Completed by 251 students
  • Takes < 1 Hr. on average
  • Python

Medium
auth badge icon
SAML: CVE-2021-21239
  • This exercise covers the exploitation of CVE-2021-21239 (PySAML2)
  • 2 videos
  • Completed by 117 students
  • Takes 1-2 Hrs. on average
  • Python

Medium
auth badge icon
SAML: Malicious IDP
  • This exercise covers the creation of a malicious IDP to forge an assertion
  • Completed by 59 students
  • Takes 2-4 Hrs. on average
  • Ruby-on-Rails

Medium
auth badge icon
SAML: Signature Wrapping III
  • This exercise covers the exploitation of a Signature Wrapping Issue in passport-saml (CVE-2022-39299)
  • 2 videos
  • Completed by 173 students
  • Takes 1-2 Hrs. on average
  • Node

Medium
auth badge icon
OAuth2: Authorization Server XSS
  • This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server
  • 2 videos
  • Completed by 386 students
  • Takes < 1 Hr. on average
  • Ruby-On-Rails

Medium
auth badge icon
SAML: Comment Injection II
  • This exercise covers the exploitation of a comment injection vulnerability in SAML
  • 3 videos
  • Completed by 617 students
  • Takes < 1 Hr. on average
  • Ruby on Rails

Medium
auth badge icon
OAuth2: State Fixation
  • This exercise covers the exploitation of a state fixation in an OAuth2 Client
  • 2 videos
  • Completed by 413 students
  • Takes 1-2 Hrs. on average
  • Ruby-On-Rails

Medium
auth badge icon
SAML: SAMLResponse forwarding
  • This exercise covers how to pass the SAMLResponse from one Service Provider to another
  • 1 video
  • Completed by 523 students
  • Takes < 1 Hr. on average
  • Ruby on Rails

Medium
auth badge icon
SAML: Trusted Embedded Key
  • This exercise covers the exploitation of a Service Provider (SP) that doesn't check the certificate provided in the SAMLResponse
  • 2 videos
  • Completed by 509 students
  • Takes < 1 Hr. on average
  • Ruby on Rails

Medium
auth badge icon
SAML: Known Key
  • This exercise covers the exploitation of a known key in SAML
  • 3 videos
  • Completed by 530 students
  • Takes 1-2 Hrs. on average
  • Ruby on Rails

Medium
auth badge icon
OAuth2: Client CSRF II
  • This exercise covers the exploitation of a CSRF in an OAuth2 Client
  • 2 videos
  • Completed by 494 students
  • Takes 2-4 Hrs. on average
  • Ruby-On-Rails
  • CWE-352

Medium
auth badge icon
OAuth2: Client CSRF
  • This exercise covers the exploitation of a CSRF in an OAuth2 Client
  • 2 videos
  • Completed by 966 students
  • Takes < 1 Hr. on average
  • Ruby-On-Rails
  • CWE-352

Medium
auth badge icon
OAuth2: Client OpenRedirect
  • This exercise covers the exploitation of an OpenRedirect in an OAuth2 Client
  • 2 videos
  • Completed by 842 students
  • Takes < 1 Hr. on average
  • Ruby-On-Rails

Medium
auth badge icon
OAuth2: Authorization Server OpenRedirect
  • This exercise covers the exploitation of an OpenRedirect in an OAuth2 Authorization Server
  • 3 videos
  • Completed by 952 students
  • Takes < 1 Hr. on average
  • Ruby-On-Rails

Hard
auth badge icon
OAuth2: Predictable State
  • This exercise covers the exploitation of a predictable state in an OAuth2 Client
  • 2 videos
  • Completed by 299 students
  • Takes 2-4 Hrs. on average
  • Ruby-On-Rails

Hard
auth badge icon
OAuth2: Predictable State II
  • This exercise covers the exploitation of a predictable state in an OAuth2 Client
  • 2 videos
  • Completed by 277 students
  • Takes 1-2 Hrs. on average
  • Ruby-On-Rails

Hard
auth badge icon
SAML: Signature Wrapping
  • This exercise covers how to use Signature Wrapping to become an arbitrary user
  • 2 videos
  • Completed by 558 students
  • Takes < 1 Hr. on average
  • Ruby on Rails

Hard
auth badge icon
SAML: Signature Wrapping II
  • This exercise covers how to use Signature Wrapping to become an arbitrary user
  • 2 videos
  • Completed by 460 students
  • Takes < 1 Hr. on average
  • Ruby on Rails

Hard
auth badge icon
OAuth2: Client Server XSS
  • This exercise covers the exploitation of a Cross-Site Scripting in an OAuth2 Client and Server
  • 2 videos
  • Completed by 379 students
  • Takes 1-2 Hrs. on average
  • Ruby-On-Rails

Hard
auth badge icon
OAuth2: Authorization Server XSS II
  • This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server
  • 2 videos
  • Completed by 281 students
  • Takes < 1 Hr. on average
  • Ruby-On-Rails

Hard
auth badge icon
OAuth2: Github HTTP HEAD
  • This exercise covers the exploitation of the HTTP HEAD issue impacting Github in 2019
  • 2 videos
  • Completed by 463 students
  • Takes < 1 Hr. on average
  • Ruby-On-Rails