Green Badge

372 Completed
31 Videos
16 Exercises

Exercises

Easy
GraphQL Introspection
  • This exercise covers how to use introspection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 2005 students
  • Takes < 1 Hr. on average
  • GraphQL/Node/Angular

 

Medium
Ruby 2.x Universal RCE Deserialization Gadget Chain
  • This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()
  • 1 video
  • Completed by 1233 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra

 

Medium
GraphQL: SQL Injection
  • This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1211 students
  • Takes 1-2 Hrs. on average
  • GraphQL/Node/Angular/SQLite3

 

Medium
CVE-2019-5420
  • This exercise details the exploitation of CVE-2019-5420 to forge a session as another user
  • 2 videos
  • Completed by 754 students
  • Takes 2-4 Hrs. on average
  • Ruby-on-Rails
  • CWE-330

 

Hard
From SQL injection to Shell III
  • This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick
  • 1 video
  • Completed by 970 students
  • Takes 1-2 Hrs. on average
  • Ruby-on-Rails
  • SQL Injection
  • CWE-89

 

Hard
Length Extension Attack
  • This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability
  • 1 video
  • Completed by 629 students
  • Takes 1-2 Hrs. on average
  • Ruby

 

Hard
Gogs RCE
  • This exercise covers how to get code execution against the Git self hosted tool: Gogs.
  • 3 videos
  • Completed by 575 students
  • Takes 1-2 Hrs. on average
  • Golang
  • CWE-384

 

Hard
Gogs RCE II
  • This exercise covers how to get code execution against the Git self hosted tool: Gogs.
  • 2 videos
  • Completed by 511 students
  • Takes < 1 Hr. on average
  • Golang
  • CWE-94

 

Hard
JWT VIII
  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 3 videos
  • Completed by 829 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • jwt
  • cwe-310

 

Hard
JWT IX
  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 2 videos
  • Completed by 766 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra
  • jwt
  • cwe-310

 

Hard
JWT XII
  • This exercise covers how to use the x5u header to bypass an authentication based on JWT.
  • 2 videos
  • Completed by 577 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • jwt
  • cwe-310

 

Hard
cve-2019-5420 II
  • This exercise details the exploitation of CVE-2019-5420 to gain code execution
  • 2 videos
  • Completed by 473 students
  • Takes < 1 Hr. on average

 

Hard
CVE-2019-5418
  • This exercise details the exploitation of CVE-2019-5418 to get code execution
  • 3 videos
  • Completed by 418 students
  • Takes 1-2 Hrs. on average
  • CWE-22

 

Hard
IDOR to Shell
  • This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application
  • 2 videos
  • Completed by 900 students
  • Takes 1-2 Hrs. on average
  • Ruby-on-Rails
  • CWE-639

 

Hard
JWT X
  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 2 videos
  • Completed by 656 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra
  • jwt
  • cwe-310

 

Hard
JWT XI
  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 3 videos
  • Completed by 577 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • jwt
  • cwe-310