Brown Badge

• This exercise covers how a signing oracle can be used to bypass authorization in place
• 2 videos
• Completed by 428 students
• Takes Less than an hour on average

• This exercise covers how to exploit Prototype Pollution against a JavaScript application
• 1 video
• Completed by 402 students
• Takes Less than an hour on average

• This exercise covers how you can create your own JWE if you have access to the public key used by the se rver
• 2 videos
• Completed by 260 students
• Takes Less than an hour on average

• This exercise covers how you can gain code execution in Apache Pluto 3.0.0 due to an issue in the authorisation logic
• 1 video
• Completed by 264 students
• Takes Less than an hour on average

• This exercise covers how you can use unicode to gain access to an admin account.
• 1 video
• Completed by 318 students
• Takes Less than an hour on average

• This exercise covers how you can use unicode to gain access to an admin account.
• 1 video
• Completed by 274 students
• Takes Less than an hour on average

• This exercise covers how you can create a malicious Zip file and use it to gain access to sensitive files.
• 1 video
• Completed by 256 students
• Takes Less than an hour on average

• This exercise covers how you can gain code execution when an application use a vulnerable version of PyYAML and relies on load()
• Completed by 85 students
• Takes Less than an hour on average

• This exercise covers how an insecure to render can be used to gain local file read with Express
• Completed by 53 students
• Takes Less than an hour on average

• This exercise covers how the PHP phar:// handler can be used to gain code execution using PHP unserialize.
• 1 video
• Completed by 176 students
• Takes Less than an hour on average

• This exercise covers how you can gain code execution using Spring Actuators when Spring Cloud is used.
• 1 video
• Completed by 129 students
• Takes Between 1 and 2 hours on average

• This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using Ghostscript
• Completed by 74 students
• Takes Between 2 and 4 hours on average
• Ruby-on-Rails
• SQL Injection,

• This exercise covers how can leverage unicode to get exploit a directory traversal
• Completed by 101 students
• Takes Less than an hour on average

• This exercise covers the exploitation of a vulnerability impacting Monocypher.
• Completed by 34 students
• Takes Between 1 and 2 hours on average
• crypto,

• This exercise covers the exploitation of a vulnerable CGI.
• 1 video
• Completed by 46 students
• Takes Less than an hour on average

• This exercise covers a remote command execution issue on Aruba Clearpass RCE
• 1 video
• Completed by 57 students
• Takes Between 1 and 2 hours on average

• This exercise details the exploitation of CVE-2020-8163 to gain code execution
• 2 videos
• Completed by 86 students
• Takes Between 2 and 4 hours on average

• This exercise covers a remote command execution vulnerability in which an attacker can only inject arguments
• Completed by 10 students
• Takes More than 4 hours on average

• This exercise covers how you can gain code execution when an application using Ox to deserialize data and run on Ruby 2.3
• Completed by 3 students
• Takes More than 4 hours on average
• Ruby

• This exercise covers the exploitation of algorithm confusion when no public key is available
• Completed by 31 students
• Takes Less than an hour on average
• PHP
• jwt,

Ox Remote Code Execution II

• This exercise covers how you can gain code execution when an application using Ox to deserialize data and run on Ruby 2.7
• Takes -- on average
• Ruby