Green Badge

16

Exercises

48

Completed this badge

24

CPEs

GraphQL Introspection

This exercise covers how to use introspection to get access to additional information in GraphQL.

Difficulty: EASY
  • 1 video
  • GraphQL/Node/Angular
  • Completed by 489 students
  • Takes Less than an hour on average

Ruby 2.x Universal RCE Deserialization Gadget Chain

This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()

Difficulty: EASY
  • 1 video
  • Ruby/Sinatra
  • Completed by 217 students
  • Takes Less than an hour on average

GraphQL: SQL Injection

This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.

Difficulty: EASY
  • GraphQL/Node/Angular/SQLite3
  • Completed by 183 students
  • Takes Between 2 and 4 hours on average

CVE-2019-5420

This exercise details the exploitation of CVE-2019-5420 to forge a session as another user

Difficulty: MEDIUM
  • 2 videos
  • Ruby-on-Rails
  • Completed by 109 students
  • Takes Between 2 and 4 hours on average

From SQL injection to Shell III

This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick

Difficulty: HARD
  • 1 video
  • Ruby-on-Rails
  • Completed by 167 students
  • Takes Between 2 and 4 hours on average

Length Extension Attack

This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability

Difficulty: HARD
  • Ruby
  • Completed by 69 students
  • Takes Between 2 and 4 hours on average

Gogs RCE

This exercise covers how to get code execution against the Git self hosted tool: Gogs.

Difficulty: HARD
  • 3 videos
  • Golang
  • Completed by 103 students
  • Takes Between 1 and 2 hours on average

Gogs RCE II

This exercise covers how to get code execution against the Git self hosted tool: Gogs.

Difficulty: HARD
  • 2 videos
  • Golang
  • Completed by 82 students
  • Takes Between 1 and 2 hours on average

JWT VIII

This exercise covers how to use the jku header to bypass an authentication based on JWT.

Difficulty: HARD
  • 3 videos
  • Ruby/Sinatra
  • Completed by 157 students
  • Takes Between 1 and 2 hours on average

JWT IX

This exercise covers how to use the jku header to bypass an authentication based on JWT.

Difficulty: HARD
  • 2 videos
  • Ruby/Sinatra
  • Completed by 143 students
  • Takes Less than an hour on average

JWT XII

This exercise covers how to use the x5u header to bypass an authentication based on JWT.

Difficulty: HARD
  • 2 videos
  • Ruby/Sinatra
  • Completed by 91 students
  • Takes Between 1 and 2 hours on average

cve-2019-5420 II

This exercise details the exploitation of CVE-2019-5420 to gain code execution

Difficulty: HARD
  • 2 videos
  • Completed by 71 students
  • Takes Between 1 and 2 hours on average

CVE-2019-5418

This exercise details the exploitation of CVE-2019-5418 to get code execution

Difficulty: HARD
  • 3 videos
  • Completed by 60 students
  • Takes Between 2 and 4 hours on average

IDOR to Shell

This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application

Difficulty: HARD
  • 2 videos
  • Ruby-on-Rails
  • Completed by 218 students
  • Takes Between 1 and 2 hours on average

JWT X

This exercise covers how to use the jku header to bypass an authentication based on JWT.

Difficulty: HARD
  • 2 videos
  • Ruby/Sinatra
  • Completed by 123 students
  • Takes Less than an hour on average

JWT XI

This exercise covers how to use the jku header to bypass an authentication based on JWT.

Difficulty: HARD
  • 3 videos
  • Ruby/Sinatra
  • Completed by 96 students
  • Takes Between 1 and 2 hours on average