Login
Register
Introduction 00 (next)
Course
Videos
Scoring
Introduction Badge
Introduction Badge (next)
Badges
Introduction Badge
Unix Badge
Essential Badge
PCAP badge
White Badge
Serialize Badge
Yellow Badge
Blue Badge
Green Badge
Orange Badge
Intercept Badge
Authentication / Authorization Badge
Android Badge
Capture-The-Flag Badge
Brown Badge
Recon Badge
API Badge
Code Review Badge
Java Serialize Badge
HTTP Badge
Login
Register
Yellow Badge
1111
Completed
7
Exercises
Easy
CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
1 video
Completed by 2132 students
Takes Less than an hour on average
PHP
Easy
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
1 video
Completed by 2030 students
Takes Less than an hour on average
Rails
Easy
Cipher block chaining
This exercise details how to tamper with data encrypted using CBC
2 videos
Completed by 1583 students
Takes Between 1 and 2 hours on average
PHP
Medium
Play Session Injection
This exercise covers the exploitation of a session injection in the Play framework. This issue can be used to tamper with the content of the session while bypassing the signing mechanism
2 videos
Completed by 1603 students
Takes Less than an hour on average
Java/Play
Medium
Play XML Entities
This exercise covers the exploitation of a XML entities in the Play framework.
1 video
Completed by 1278 students
Takes Between 1 and 2 hours on average
Java/Play
Medium
JSON Web Token II
This exercise covers the exploitation of an issue with some implementations of JWT
3 videos
Completed by 1993 students
Takes Between 1 and 2 hours on average
PHP
Medium
Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
1 video
Completed by 1614 students
Takes Less than an hour on average
Tomcat/Struts