• GraphQL/Node/Angular
  • Completed by 97 students

GraphQL Introspection

This exercise covers how to use introspection to get access to additional information in GraphQL.

  • Ruby/Sinatra
  • Completed by 50 students

Ruby 2.x Universal RCE Deserialization Gadget Chain

This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load().

  • GraphQL/Node/Angular/SQLite3
  • Completed by 26 students

GraphQL: SQL Injection

This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.

  • 1 video
  • Ruby-on-Rails
  • Completed by 5 students

CVE-2019-5420

This exercise details the exploitation of CVE-2019-5420 to forge a session as another user.

  • Ruby-on-Rails
  • Completed by 40 students

From SQL injection to Shell III

This exercise covers how to gain access to an administration interface using SQL injection, followed by how to get command execution using ImageTragick.

  • Ruby
  • Completed by 0 students

Length Extension Attack (Coming soon)

This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability.

  • Golang
  • Completed by 18 students

Gogs RCE

This exercise covers how to get code execution against Gogs, the self-hosted Git tool.

  • Golang
  • Completed by 10 students

Gogs RCE II

This exercise covers how to get code execution against Gogs, the self-hosted Git tool.

  • 2 videos
  • Ruby/Sinatra
  • Completed by 18 students

JWT VIII

This exercise covers how to use the jku header to bypass an authentication based on JWT.

  • 2 videos
  • Ruby/Sinatra
  • Completed by 16 students

JWT IX

This exercise covers how to use the jku header to bypass an authentication based on JWT.

  • Ruby/Sinatra
  • Completed by 0 students

JWT XII (Coming soon)

This exercise covers how to use the jku header to bypass an authentication based on JWT.

  • Completed by 3 students

CVE-2019-5420 II

This exercise details the exploitation of CVE-2019-5420 to gain code execution.

  • Completed by 0 students

CVE-2019-5418 (Coming soon)

This exercise details the exploitation of CVE-2019-5418 to get code execution.

  • 2 videos
  • Ruby-on-Rails
  • Completed by 46 students

IDOR to Shell

This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application.

  • Ruby/Sinatra
  • Completed by 12 students

JWT X

This exercise covers how to use the jku header to bypass an authentication based on JWT.

  • Ruby/Sinatra
  • Completed by 2 students

JWT XI

This exercise covers how to use the jku header to bypass an authentication based on JWT.