PRO

Serialize Badge

Serialization is currently one of the hot topic in web security. This badge covers the exploitation of serialization vulnerabilities in multiple languages

  • Java
  • Completed by 922 students

XMLDecoder

  • Difficulty:

This exercise covers the exploitation of an application using XMLDecoder

  • Java/Tomcat
  • Completed by 783 students

CVE-2016-0792

  • Difficulty:

This exercise covers the exploitation of an Xstream vulnerability in Jenkins

  • 1 video
  • Java
  • Completed by 760 students

ObjectInputStream

  • Difficulty:

This exercise covers the exploitation of a call to readObject in a Spring application

  • Rails
  • Completed by 650 students

CVE-2013-0156

  • Difficulty:

This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.

  • 6 videos
  • PHP/Apache/Mysql
  • Completed by 576 students

API to Shell

  • Difficulty:

This exercise covers the exploitation of PHP type confusion to bypass a signature and the exploitation of unserialize.

About us

PentesterLab is a simple hands-on way to learn web penetration testing.

Latest Free Exercises

CVE-2018-10933: LibSSH auth bypass

Introduction to code review

S2-052

Contact Us

Email: info@pentesterlab.com

Stay Connected

© PentesterLab. ALL Rights Reserved.   | Terms and conditions   | Privacy Policy