Login
Register
Introduction 00 (next)
Course
Videos
Scoring
Introduction Badge
Introduction Badge (next)
Badges
Introduction
0 / 4
Unix
0 / 35
Essential
0 / 60
PCAP badge
0 / 35
HTTP
0 / 43
White
0 / 6
Serialize
0 / 5
Yellow
0 / 7
Blue
0 / 11
Green
0 / 16
Orange
0 / 15
Intercept
0 / 5
Authentication / Authorization
0 / 21
Android
0 / 8
Capture-The-Flag
0 / 6
Brown
0 / 26
Recon
0 / 27
API
0 / 19
Media
0 / 18
Code Review
0 / 107
Java Serialize
0 / 11
Java Code Review
0 / 30
Login
Register
Yellow Badge
1766
Completed
11
Videos
7
Exercises
Easy
CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
1 video
Completed by 3297 students
Takes Less than an hour on average
PHP
CWE-77
Easy
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
1 video
Completed by 3206 students
Takes Less than an hour on average
Rails
CWE-20
Easy
Cipher block chaining
This exercise details how to tamper with data encrypted using CBC
2 videos
Completed by 2555 students
Takes Between 1 and 2 hours on average
PHP
crypto
Medium
Play Session Injection
This exercise covers the exploitation of a session injection in the Play framework. This issue can be used to tamper with the content of the session while bypassing the signing mechanism
2 videos
Completed by 2530 students
Takes Less than an hour on average
Java/Play
Medium
Play XML Entities
This exercise covers the exploitation of a XML entities in the Play framework.
1 video
Completed by 1993 students
Takes Between 1 and 2 hours on average
Java/Play
Medium
JSON Web Token II
This exercise covers the exploitation of an issue with some implementations of JWT
3 videos
Completed by 3253 students
Takes Between 1 and 2 hours on average
PHP
jwt
cwe-310
Medium
Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
1 video
Completed by 2448 students
Takes Less than an hour on average
Tomcat/Struts
