White Badge
5267 Completed
16 Videos
6 Exercises
The white badge covers a wide range of web vulnerabilities to give people a view of what kind of issues can be found in web application. We usually recommend to start with this badge once you have finished the Introduction, Essential, Unix, PCAP badges.
White Videos
White Exercises
Easy
PENTESTERLAB
CVE-2014-6271/Shellshock
- This exercise covers the exploitation of a Bash vulnerability through a CGI.
- 1 video
- Completed by 8709 students
- Takes < 1 Hr. on average
- CGI/Apache/Bash
- CWE-78
Medium
PENTESTERLAB
From SQL Injection to Shell
- This exercise demonstrates how to leverage a SQL injection to gain access to the admin console, and from there, how to execute commands on the underlying system
- 2 videos
- Completed by 7963 students
- Takes < 1 Hr. on average
- PHP/Apache/Mysql
- SQL Injection
- CWE-89
Medium
PENTESTERLAB
CVE-2007-1860: mod_jk double-decoding
- This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
- 4 videos
- Completed by 5949 students
- Takes 1-2 Hrs. on average
- Tomcat/Apache
- CWE-22
Medium
PENTESTERLAB
Pickle Code Execution
- This exercise covers the exploitation of Python's pickle when used to deserialize untrusted data
- 4 videos
- Completed by 6246 students
- Takes < 1 Hr. on average
- Python