Green Badge

369 Completed
31 Videos
16 Exercises

Exercises

Easy
GraphQL Introspection
  • This exercise covers how to use introspection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1993 students
  • Takes < 1 Hr. on average
  • GraphQL/Node/Angular

Easy
Ruby 2.x Universal RCE Deserialization Gadget Chain
  • This exercise covers how to get code execution by using a Ruby universal gadget chain when an attacker controls the data passed to Marshal.load().
  • 1 video
  • Completed by 1225 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra

Easy
GraphQL: SQL Injection
  • This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1203 students
  • Takes 1-2 Hrs. on average
  • GraphQL/Node/Angular/SQLite3

Medium
CVE-2019-5420
  • This exercise details the exploitation of CVE-2019-5420 to forge a session as another user.
  • 2 videos
  • Completed by 748 students
  • Takes 2-4 Hrs. on average
  • Ruby-on-Rails
  • CWE-330

Hard
From SQL injection to Shell III
  • This exercise covers how to gain access to an administration interface using SQL injection, followed by how to get command execution using ImageTragick.
  • 1 video
  • Completed by 958 students
  • Takes 1-2 Hrs. on average
  • Ruby-on-Rails
  • SQL Injection
  • CWE-89

Hard
Length Extension Attack
  • This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability.
  • 1 video
  • Completed by 623 students
  • Takes 1-2 Hrs. on average
  • Ruby

Hard
Gogs RCE
  • This exercise covers how to get code execution against the self-hosted Git tool Gogs.
  • 3 videos
  • Completed by 570 students
  • Takes 1-2 Hrs. on average
  • Golang
  • CWE-384

Hard
Gogs RCE II
  • This exercise covers how to get code execution against the self-hosted Git tool Gogs.
  • 2 videos
  • Completed by 506 students
  • Takes < 1 Hr. on average
  • Golang
  • CWE-94

Hard
JWT VIII
  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 3 videos
  • Completed by 817 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • JWT
  • CWE-310

Hard
JWT IX
  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 2 videos
  • Completed by 756 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra
  • JWT
  • CWE-310

Hard
JWT XII
  • This exercise covers how to use the x5u header to bypass JWT-based authentication.
  • 2 videos
  • Completed by 572 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • JWT
  • CWE-310

Hard
CVE-2019-5420 II
  • This exercise details the exploitation of CVE-2019-5420 to gain code execution.
  • 2 videos
  • Completed by 467 students
  • Takes 1-2 Hrs. on average

Hard
CVE-2019-5418
  • This exercise details the exploitation of CVE-2019-5418 to get code execution.
  • 3 videos
  • Completed by 415 students
  • Takes 1-2 Hrs. on average
  • CWE-22

Hard
IDOR to Shell
  • This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application.
  • 2 videos
  • Completed by 892 students
  • Takes 1-2 Hrs. on average
  • Ruby-on-Rails
  • CWE-639

Hard
JWT X
  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 2 videos
  • Completed by 652 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra
  • JWT
  • CWE-310

Hard
JWT XI
  • This exercise covers how to use the jku header to bypass JWT-based authentication.
  • 3 videos
  • Completed by 570 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • JWT
  • CWE-310