Green Badge

188 Completed
16 Exercises

GraphQL Introspection

  • This exercise covers how to use introspection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1223 students
  • Takes less than an hour on average
  • GraphQL/Node/Angular

Ruby 2.x Universal RCE Deserialization Gadget Chain

  • This exercise covers how to get code execution by using a Ruby universal gadget chain when an attacker controls the data passed to Marshal.load().
  • 1 video
  • Completed by 737 students
  • Takes less than an hour on average
  • Ruby/Sinatra

GraphQL: SQL Injection

  • This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 607 students
  • Takes between 1 and 2 hours on average
  • GraphQL/Node/Angular/SQLite3

CVE-2019-5420

  • This exercise details the exploitation of CVE-2019-5420 to forge a session as another user.
  • 2 videos
  • Completed by 424 students
  • Takes between 2 and 4 hours on average
  • Ruby-on-Rails

From SQL injection to Shell III

  • This exercise covers how to gain access to an administration interface using SQL injection, followed by how to get command execution using ImageTragick.
  • 1 video
  • Completed by 535 students
  • Takes between 1 and 2 hours on average
  • Ruby-on-Rails
  • SQL Injection

Length Extension Attack

  • This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability.
  • 1 video
  • Completed by 313 students
  • Takes between 1 and 2 hours on average
  • Ruby

Gogs RCE

  • This exercise covers how to get code execution against the self-hosted Git tool Gogs.
  • 3 videos
  • Completed by 327 students
  • Takes between 1 and 2 hours on average
  • Golang

Gogs RCE II

  • This exercise covers how to get code execution against the self-hosted Git tool Gogs.
  • 2 videos
  • Completed by 282 students
  • Takes less than an hour on average
  • Golang

JWT VIII

  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 3 videos
  • Completed by 459 students
  • Takes between 1 and 2 hours on average
  • Ruby/Sinatra
  • jwt

JWT IX

  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 2 videos
  • Completed by 422 students
  • Takes less than an hour on average
  • Ruby/Sinatra
  • jwt

JWT XII

  • This exercise covers how to use the x5u header to bypass JWT-based authentication.
  • 2 videos
  • Completed by 313 students
  • Takes between 1 and 2 hours on average
  • Ruby/Sinatra
  • jwt

cve-2019-5420 II

  • This exercise details the exploitation of CVE-2019-5420 to gain code execution.
  • 2 videos
  • Completed by 258 students
  • Takes less than an hour on average

CVE-2019-5418

  • This exercise details the exploitation of CVE-2019-5418 to get code execution.
  • 3 videos
  • Completed by 224 students
  • Takes between 1 and 2 hours on average

IDOR to Shell

  • This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application.
  • 2 videos
  • Completed by 533 students
  • Takes between 1 and 2 hours on average
  • Ruby-on-Rails

JWT X

  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 2 videos
  • Completed by 357 students
  • Takes less than an hour on average
  • Ruby/Sinatra
  • jwt

JWT XI

  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 3 videos
  • Completed by 309 students
  • Takes between 1 and 2 hours on average
  • Ruby/Sinatra
  • jwt