Green Badge

83 Completed

16 Exercises

image for GraphQL Introspection

GraphQL Introspection

This exercise covers how to use introspection to get access to additional information in GraphQL.
1 video
Completed by 806 students
Takes Less than an hour on average
GraphQL/Node/Angular

image for Ruby 2.x Universal RCE Deserialization Gadget Chain

Ruby 2.x Universal RCE Deserialization Gadget Chain

This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()
1 video
Completed by 416 students
Takes Less than an hour on average
Ruby/Sinatra

image for GraphQL: SQL Injection

GraphQL: SQL Injection

This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
Completed by 326 students
Takes Between 1 and 2 hours on average
GraphQL/Node/Angular/SQLite3

image for CVE-2019-5420

CVE-2019-5420

This exercise details the exploitation of CVE-2019-5420 to forge a session as another user
2 videos
Completed by 214 students
Takes Between 2 and 4 hours on average
Ruby-on-Rails

image for From SQL injection to Shell III

From SQL injection to Shell III

This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick
1 video
Completed by 295 students
Takes Between 1 and 2 hours on average
Ruby-on-Rails

image for Length Extension Attack

Length Extension Attack

This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability
Completed by 130 students
Takes Between 2 and 4 hours on average
Ruby

image for Gogs RCE

Gogs RCE

This exercise covers how to get code execution against the Git self hosted tool: Gogs.
3 videos
Completed by 177 students
Takes Between 1 and 2 hours on average
Golang

image for Gogs RCE II

Gogs RCE II

This exercise covers how to get code execution against the Git self hosted tool: Gogs.
2 videos
Completed by 143 students
Takes Between 1 and 2 hours on average
Golang

image for JWT VIII

JWT VIII

This exercise covers how to use the jku header to bypass an authentication based on JWT.
3 videos
Completed by 269 students
Takes Between 1 and 2 hours on average
Ruby/Sinatra

image for JWT IX

JWT IX

This exercise covers how to use the jku header to bypass an authentication based on JWT.
2 videos
Completed by 241 students
Takes Less than an hour on average
Ruby/Sinatra

image for JWT XII

JWT XII

This exercise covers how to use the x5u header to bypass an authentication based on JWT.
2 videos
Completed by 165 students
Takes Between 1 and 2 hours on average
Ruby/Sinatra

image for cve-2019-5420 II

cve-2019-5420 II

This exercise details the exploitation of CVE-2019-5420 to gain code execution
2 videos
Completed by 126 students
Takes Between 1 and 2 hours on average

image for CVE-2019-5418

CVE-2019-5418

This exercise details the exploitation of CVE-2019-5418 to get code execution
3 videos
Completed by 106 students
Takes Between 2 and 4 hours on average

image for IDOR to Shell

IDOR to Shell

This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application
2 videos
Completed by 327 students
Takes Between 1 and 2 hours on average
Ruby-on-Rails

image for JWT X

JWT X

This exercise covers how to use the jku header to bypass an authentication based on JWT.
2 videos
Completed by 201 students
Takes Less than an hour on average
Ruby/Sinatra

image for JWT XI

JWT XI

This exercise covers how to use the jku header to bypass an authentication based on JWT.
3 videos
Completed by 165 students
Takes Between 1 and 2 hours on average
Ruby/Sinatra

Black Friday Special! 2x 13.37% PRO subscription

See detail