 |
DOMPDF RCE IV |
-- |
 |
1 |
 |
 |
SAML: Signature Wrapping III |
2-4 Hr. |
 |
3 |
 |
 |
XSL Java |
< 1 Hr. |
 |
18 |
 |
 |
DOMPDF RCE III |
2-4 Hr. |
 |
4 |
 |
 |
XSL PHP V |
1-2 Hr. |
 |
19 |
 |
 |
API Payments 07 |
< 1 Hr. |
 |
114 |
 |
 |
CVE-2021-22204: Exiftool RCE II |
< 1 Hr. |
 |
13 |
 |
 |
XSL PHP IV |
2-4 Hr. |
 |
23 |
 |
 |
API Payments 06 |
< 1 Hr. |
 |
142 |
 |
 |
CVE-2022-39224 |
2-4 Hr. |
 |
10 |
 |
 |
XSL PHP III |
< 1 Hr. |
 |
42 |
 |
 |
DOMPDF RCE II |
2-4 Hr. |
 |
6 |
 |
 |
DOMPDF RCE |
< 1 Hr. |
 |
35 |
 |
 |
API Payments 05 |
< 1 Hr. |
 |
193 |
 |
 |
XSL PHP II |
< 1 Hr. |
 |
76 |
 |
 |
API Payments 04 |
< 1 Hr. |
 |
290 |
 |
 |
XSL PHP |
< 1 Hr. |
 |
94 |
 |
 |
API Payments 03 |
< 1 Hr. |
 |
385 |
 |
 |
Code Review 18 |
1-2 Hr. |
 |
35 |
 |
 |
CVE-2020-13xxx |
< 1 Hr. |
 |
125 |
 |
 |
CVE-2022-3x7x1 |
< 1 Hr. |
 |
186 |
 |
 |
CVE-2008-5x8x |
< 1 Hr. |
 |
150 |
 |
 |
Python Snippet #02 |
< 1 Hr. |
 |
596 |
 |
 |
Java Snippet #10 |
< 1 Hr. |
 |
347 |
 |
 |
Java Snippet #11 |
< 1 Hr. |
 |
339 |
 |
 |
Java Snippet #12 |
< 1 Hr. |
 |
318 |
 |
 |
API Payments 02 |
< 1 Hr. |
 |
479 |
 |
 |
GCM Nonce Reuse |
< 1 Hr. |
 |
51 |
 |
 |
CVE-2019-5x2x |
< 1 Hr. |
 |
118 |
 |
 |
Java Snippet #07 |
< 1 Hr. |
 |
528 |
 |
 |
Java Snippet #08 |
< 1 Hr. |
 |
453 |
 |
 |
Java Snippet #09 |
< 1 Hr. |
 |
350 |
 |
 |
API Payments 01 |
< 1 Hr. |
 |
605 |
 |
 |
CVE-2022-26xx9 |
< 1 Hr. |
 |
119 |
 |
 |
Python Snippet #07 |
< 1 Hr. |
 |
453 |
 |
 |
Python Snippet #08 |
< 1 Hr. |
 |
388 |
 |
 |
Python Snippet #09 |
< 1 Hr. |
 |
437 |
 |
 |
Mongo IDOR |
< 1 Hr. |
 |
385 |
 |
 |
CVE-2008-5x8x_ii |
< 1 Hr. |
 |
129 |
 |
 |
CVE-2005-2x8x |
< 1 Hr. |
 |
135 |
 |
 |
Python Snippet #06 |
< 1 Hr. |
 |
529 |
 |
 |
Golang Snippet #01 |
< 1 Hr. |
 |
474 |
 |
 |
Java Snippet #06 |
< 1 Hr. |
 |
334 |
 |
 |
CVE-2022-21449 |
1-2 Hr. |
 |
42 |
 |
 |
CVE-2021-33564 Argument Injection in Ruby Dragonfly |
< 1 Hr. |
 |
64 |
 |
 |
CVE-2021-45xx9 |
< 1 Hr. |
 |
202 |
 |
 |
PHP Snippet #07 |
< 1 Hr. |
 |
495 |
 |
 |
PHP Snippet #08 |
< 1 Hr. |
 |
424 |
 |
 |
PHP Snippet #09 |
< 1 Hr. |
 |
425 |
 |
 |
Python Snippet #03 |
< 1 Hr. |
 |
506 |
 |
 |
Python Snippet #04 |
< 1 Hr. |
 |
459 |
 |
 |
Python Snippet #05 |
< 1 Hr. |
 |
490 |
 |
 |
CVE-2021-39x3x |
< 1 Hr. |
 |
122 |
 |
 |
CVE-2022-21724: JDBC RCE PostgreSQL |
< 1 Hr. |
 |
77 |
 |
 |
Java Snippet #04 |
< 1 Hr. |
 |
436 |
 |
 |
Java Snippet #05 |
< 1 Hr. |
 |
402 |
 |
 |
Ox Remote Code Execution II |
2-4 Hr. |
 |
12 |
 |
 |
CVE-2009-3x8x |
< 1 Hr. |
 |
167 |
 |
 |
HTTP 41 |
< 1 Hr. |
 |
1239 |
 |
 |
HTTP 42 |
< 1 Hr. |
 |
1254 |
 |
 |
HTTP 43 |
< 1 Hr. |
 |
1204 |
 |
 |
CVE-2021-381xx |
< 1 Hr. |
 |
160 |
 |
 |
H2 RCE |
< 1 Hr. |
 |
43 |
 |
 |
TypeScript Snippet #04 |
< 1 Hr. |
 |
295 |
 |
 |
TypeScript Snippet #05 |
< 1 Hr. |
 |
324 |
 |
 |
TypeScript Snippet #06 |
< 1 Hr. |
 |
265 |
 |
 |
TypeScript Snippet #07 |
< 1 Hr. |
 |
238 |
 |
 |
TypeScript Snippet #08 |
< 1 Hr. |
 |
269 |
 |
 |
TypeScript Snippet #09 |
< 1 Hr. |
 |
289 |
 |
 |
CVE-2008-4x9x |
< 1 Hr. |
 |
154 |
 |
 |
Log4j RCE II |
1-2 Hr. |
 |
91 |
 |
 |
Log4j RCE |
1-2 Hr. |
 |
219 |
 |
 |
CVE-2021-4379x |
< 1 Hr. |
 |
239 |
 |
 |
API 08 |
< 1 Hr. |
 |
638 |
 |
 |
JDBC RCE |
2-4 Hr. |
 |
34 |
 |
 |
CVE-2008-1x3x |
< 1 Hr. |
 |
230 |
 |
 |
Golang Snippet #12 |
< 1 Hr. |
 |
297 |
 |
 |
TypeScript Snippet #01 |
< 1 Hr. |
 |
424 |
 |
 |
TypeScript Snippet #02 |
< 1 Hr. |
 |
386 |
 |
 |
TypeScript Snippet #03 |
< 1 Hr. |
 |
374 |
 |
 |
API 07 |
< 1 Hr. |
 |
695 |
 |
 |
CVE-2021-40438 |
< 1 Hr. |
 |
183 |
 |
 |
CVE-2021-41773 |
< 1 Hr. |
 |
319 |
 |
 |
CVE-2021-41773 II |
1-2 Hr. |
 |
94 |
 |
 |
HTTP 36 |
< 1 Hr. |
 |
1423 |
 |
 |
HTTP 37 |
< 1 Hr. |
 |
1406 |
 |
 |
HTTP 38 |
< 1 Hr. |
 |
1411 |
 |
 |
HTTP 39 |
< 1 Hr. |
 |
1393 |
 |
 |
HTTP 40 |
< 1 Hr. |
 |
1409 |
 |
 |
CVE-2006-4xxx |
< 1 Hr. |
 |
233 |
 |
 |
CVE-2006-4xxx_ii |
< 1 Hr. |
 |
166 |
 |
 |
PHP Snippet #04 |
< 1 Hr. |
 |
629 |
 |
 |
PHP Snippet #05 |
< 1 Hr. |
 |
578 |
 |
 |
PHP Snippet #06 |
< 1 Hr. |
 |
629 |
 |
 |
API 06 |
< 1 Hr. |
 |
790 |
 |
 |
CVE-2021-37xxx |
< 1 Hr. |
 |
178 |
 |
 |
PHP Snippet #01 |
< 1 Hr. |
 |
987 |
 |
 |
PHP Snippet #02 |
< 1 Hr. |
 |
818 |
 |
 |
PHP Snippet #03 |
< 1 Hr. |
 |
653 |
 |
 |
HTTP 31 |
< 1 Hr. |
 |
1511 |
 |
 |
HTTP 32 |
< 1 Hr. |
 |
1496 |
 |
 |
HTTP 35 |
< 1 Hr. |
 |
1460 |
 |
 |
HTTP 34 |
< 1 Hr. |
 |
1467 |
 |
 |
HTTP 33 |
< 1 Hr. |
 |
1486 |
 |
 |
API 05 |
< 1 Hr. |
 |
974 |
 |
 |
API 04 |
< 1 Hr. |
 |
1024 |
 |
 |
Golang Snippet #02 |
< 1 Hr. |
 |
475 |
 |
 |
Golang Snippet #03 |
< 1 Hr. |
 |
378 |
 |
 |
Golang Snippet #04 |
< 1 Hr. |
 |
445 |
 |
 |
Golang Snippet #05 |
< 1 Hr. |
 |
402 |
 |
 |
Golang Snippet #06 |
< 1 Hr. |
 |
337 |
 |
 |
Golang Snippet #07 |
< 1 Hr. |
 |
363 |
 |
 |
Golang Snippet #08 |
< 1 Hr. |
 |
338 |
 |
 |
Golang Snippet #09 |
< 1 Hr. |
 |
325 |
 |
 |
Golang Snippet #10 |
< 1 Hr. |
 |
342 |
 |
 |
Golang Snippet #11 |
< 1 Hr. |
 |
336 |
 |
 |
Javascript Snippet #01 |
< 1 Hr. |
 |
804 |
 |
 |
Javascript Snippet #02 |
< 1 Hr. |
 |
632 |
 |
 |
Javascript Snippet #03 |
< 1 Hr. |
 |
641 |
 |
 |
Javascript Snippet #04 |
< 1 Hr. |
 |
585 |
 |
 |
Javascript Snippet #05 |
< 1 Hr. |
 |
600 |
 |
 |
Javascript Snippet #06 |
< 1 Hr. |
 |
543 |
 |
 |
Javascript Snippet #07 |
< 1 Hr. |
 |
555 |
 |
 |
Python Snippet #01 |
< 1 Hr. |
 |
784 |
 |
 |
Ruby Snippet #01 |
1-2 Hr. |
 |
243 |
 |
 |
Ruby Snippet #02 |
< 1 Hr. |
 |
267 |
 |
 |
Ruby Snippet #03 |
< 1 Hr. |
 |
288 |
 |
 |
Ruby Snippet #04 |
< 1 Hr. |
 |
259 |
 |
 |
Ruby Snippet #05 |
< 1 Hr. |
 |
278 |
 |
 |
Ruby Snippet #06 |
< 1 Hr. |
 |
265 |
 |
 |
Ruby Snippet #07 |
< 1 Hr. |
 |
222 |
 |
 |
Ruby Snippet #08 |
< 1 Hr. |
 |
242 |
 |
 |
Ruby Snippet #09 |
< 1 Hr. |
 |
226 |
 |
 |
HTTP 26 |
< 1 Hr. |
 |
1652 |
 |
 |
HTTP 27 |
< 1 Hr. |
 |
1625 |
 |
 |
HTTP 28 |
< 1 Hr. |
 |
1598 |
 |
 |
HTTP 29 |
< 1 Hr. |
 |
1559 |
 |
 |
HTTP 30 |
< 1 Hr. |
 |
1525 |
 |
 |
CVE-2020-17xx7 |
< 1 Hr. |
 |
296 |
 |
 |
Ox Remote Code Execution |
2-4 Hr. |
 |
20 |
 |
 |
CVE-2020-9x9x |
< 1 Hr. |
 |
229 |
 |
 |
HTTP 21 |
< 1 Hr. |
 |
1756 |
 |
 |
HTTP 22 |
< 1 Hr. |
 |
1727 |
 |
 |
HTTP 23 |
< 1 Hr. |
 |
1701 |
 |
 |
HTTP 24 |
< 1 Hr. |
 |
1698 |
 |
 |
HTTP 25 |
< 1 Hr. |
 |
1695 |
 |
 |
HTTP 16 |
< 1 Hr. |
 |
1843 |
 |
 |
HTTP 20 |
< 1 Hr. |
 |
1764 |
 |
 |
HTTP 18 |
< 1 Hr. |
 |
1819 |
 |
 |
HTTP 19 |
< 1 Hr. |
 |
1788 |
 |
 |
HTTP 17 |
< 1 Hr. |
 |
1830 |
 |
 |
CVE-2020-17xx8 |
< 1 Hr. |
 |
205 |
 |
 |
CVE-2021-22204: Exiftool RCE |
1-2 Hr. |
 |
106 |
 |
 |
SSRF via FFMPEG II |
< 1 Hr. |
 |
84 |
 |
 |
API 03 |
< 1 Hr. |
 |
1028 |
 |
 |
CVE-2020-11xxx |
< 1 Hr. |
 |
223 |
 |
 |
OAuth2: Authorization Server XSS II |
< 1 Hr. |
 |
175 |
 |
 |
HTTP 11 |
< 1 Hr. |
 |
1987 |
 |
 |
HTTP 15 |
< 1 Hr. |
 |
1916 |
 |
 |
HTTP 12 |
< 1 Hr. |
 |
1970 |
 |
 |
HTTP 13 |
< 1 Hr. |
 |
1939 |
 |
 |
HTTP 14 |
< 1 Hr. |
 |
1920 |
 |
 |
API 02 |
< 1 Hr. |
 |
1484 |
 |
 |
Express Local File Read |
< 1 Hr. |
 |
217 |
 |
 |
OAuth2: Authorization Server XSS |
< 1 Hr. |
 |
223 |
 |
 |
HTTP 10 |
< 1 Hr. |
 |
2078 |
 |
 |
HTTP 09 |
< 1 Hr. |
 |
2112 |
 |
 |
HTTP 07 |
< 1 Hr. |
 |
2209 |
 |
 |
HTTP 06 |
< 1 Hr. |
 |
2229 |
 |
 |
HTTP 08 |
< 1 Hr. |
 |
2140 |
 |
 |
HTTP 03 |
< 1 Hr. |
 |
2450 |
 |
 |
HTTP 04 |
< 1 Hr. |
 |
2378 |
 |
 |
HTTP 05 |
< 1 Hr. |
 |
2332 |
 |
 |
HTTP 02 |
< 1 Hr. |
 |
2549 |
 |
 |
HTTP 01 |
< 1 Hr. |
 |
2713 |
 |
 |
API 01 |
< 1 Hr. |
 |
1838 |
 |
 |
JSON Web Token XIII |
< 1 Hr. |
 |
84 |
 |
 |
SAML: Comment Injection II |
< 1 Hr. |
 |
344 |
 |
 |
Recon 24 |
< 1 Hr. |
 |
2225 |
 |
 |
Recon 25 |
1-2 Hr. |
 |
1386 |
 |
 |
Recon 26 |
< 1 Hr. |
 |
2216 |
 |
 |
SSRF via FFMPEG |
1-2 Hr. |
 |
173 |
 |
 |
SAML: Signature Wrapping II |
< 1 Hr. |
 |
254 |
 |
 |
RCE via argument injection |
2-4 Hr. |
 |
24 |
 |
 |
Code Review 16 |
< 1 Hr. |
 |
109 |
 |
 |
SAML: Signature Wrapping |
< 1 Hr. |
 |
336 |
 |
 |
Recon 20 |
< 1 Hr. |
 |
2407 |
 |
 |
Recon 21 |
< 1 Hr. |
 |
2369 |
 |
 |
Recon 22 |
< 1 Hr. |
 |
2231 |
 |
 |
Recon 23 |
< 1 Hr. |
 |
2249 |
 |
 |
SAML: SAMLResponse forwarding |
< 1 Hr. |
 |
294 |
 |
 |
CGI and Signature |
< 1 Hr. |
 |
124 |
 |
 |
Recon 17 |
< 1 Hr. |
 |
2574 |
 |
 |
Recon 18 |
< 1 Hr. |
 |
2436 |
 |
 |
Recon 19 |
< 1 Hr. |
 |
2258 |
 |
 |
Code Review 15 |
< 1 Hr. |
 |
110 |
 |
 |
Code Review 14 |
< 1 Hr. |
 |
118 |
 |
 |
CVE-2020-14343: PyYAML unsafe loader |
< 1 Hr. |
 |
192 |
 |
 |
OAuth2: State Fixation |
1-2 Hr. |
 |
263 |
 |
 |
Code Review 13 |
2-4 Hr. |
 |
72 |
 |
 |
CVE-2020-7115: Aruba Clearpass RCE |
1-2 Hr. |
 |
128 |
 |
 |
Code Review 12 |
< 1 Hr. |
 |
155 |
 |
 |
OAuth2: Predictable State II |
1-2 Hr. |
 |
184 |
 |
 |
Recon 13 |
< 1 Hr. |
 |
3099 |
 |
 |
Recon 14 |
< 1 Hr. |
 |
2817 |
 |
 |
Recon 15 |
< 1 Hr. |
 |
2403 |
 |
 |
Recon 16 |
< 1 Hr. |
 |
2612 |
 |
 |
EDDSA vulnerability in Monocypher |
1-2 Hr. |
 |
84 |
 |
 |
Code Review 11 |
2-4 Hr. |
 |
45 |
 |
 |
OAuth2: Predictable State |
2-4 Hr. |
 |
200 |
 |
 |
Code Review 10 |
< 1 Hr. |
 |
115 |
 |
 |
Recon 11 |
< 1 Hr. |
 |
2717 |
 |
 |
Recon 12 |
< 1 Hr. |
 |
3109 |
 |
 |
Unicode and NFKC |
< 1 Hr. |
 |
189 |
 |
 |
SAML: Trusted Embedded Key |
< 1 Hr. |
 |
316 |
 |
 |
Recon 06 |
< 1 Hr. |
 |
5393 |
 |
 |
Recon 07 |
< 1 Hr. |
 |
4779 |
 |
 |
Recon 08 |
< 1 Hr. |
 |
4281 |
 |
 |
CVE-2020-8163: Rails local name RCE |
2-4 Hr. |
 |
154 |
 |
 |
SAML: Known Key |
1-2 Hr. |
 |
314 |
 |
 |
Code Review 09 |
1-2 Hr. |
 |
82 |
 |
 |
Recon 04 |
< 1 Hr. |
 |
7185 |
 |
 |
Recon 05 |
< 1 Hr. |
 |
5422 |
 |
 |
Recon 01 |
< 1 Hr. |
 |
9532 |
 |
 |
OAuth2: Client Server XSS |
1-2 Hr. |
 |
254 |
 |
 |
Zip symlink |
< 1 Hr. |
 |
419 |
 |
 |
Code Review 08 |
1-2 Hr. |
 |
106 |
 |
 |
SAML: Comment Injection |
< 1 Hr. |
 |
1146 |
 |
 |
Unicode and Downcase |
< 1 Hr. |
 |
431 |
 |
 |
Code Review 07 |
1-2 Hr. |
 |
110 |
 |
 |
Java Serialize 01 |
< 1 Hr. |
 |
256 |
 |
 |
Unicode and Uppercase |
< 1 Hr. |
 |
488 |
 |
 |
Code Review 06 |
2-4 Hr. |
 |
53 |
 |
 |
Cross-Site Leak |
2-4 Hr. |
 |
452 |
 |
 |
From SQL injection to Shell III: PostgreSQL Edition |
2-4 Hr. |
 |
122 |
 |
 |
OAuth2: Client CSRF II |
2-4 Hr. |
 |
363 |
 |
 |
XSS Include |
< 1 Hr. |
 |
1027 |
 |
 |
OAuth2: Client CSRF |
< 1 Hr. |
 |
747 |
 |
 |
Code Review 05 |
2-4 Hr. |
 |
84 |
 |
 |
Code Review 04 |
1-2 Hr. |
 |
185 |
 |
 |
JS Prototype Pollution |
< 1 Hr. |
 |
659 |
 |
 |
OAuth2: Authorization Server CSRF |
1-2 Hr. |
 |
872 |
 |
 |
Code Review 03 |
2-4 Hr. |
 |
99 |
 |
 |
SSRF in PDF generation |
< 1 Hr. |
 |
677 |
 |
 |
OAuth2: Github HTTP HEAD |
1-2 Hr. |
 |
357 |
 |
 |
SVG XSS |
< 1 Hr. |
 |
1399 |
 |
 |
Apache Pluto RCE |
< 1 Hr. |
 |
397 |
 |
 |
JSON Cross-Site Request Forgery |
< 1 Hr. |
 |
1203 |
 |
 |
Cross-Site Request Forgery |
< 1 Hr. |
 |
1305 |
 |
 |
Code Review 02 |
1-2 Hr. |
 |
222 |
 |
 |
postMessage() IV |
< 1 Hr. |
 |
753 |
 |
 |
Spring Actuators |
1-2 Hr. |
 |
210 |
 |
 |
postMessage() III |
1-2 Hr. |
 |
767 |
 |
 |
postMessage() II |
< 1 Hr. |
 |
850 |
 |
 |
PHP phar:// |
< 1 Hr. |
 |
261 |
 |
 |
Signing Oracle |
< 1 Hr. |
 |
614 |
 |
 |
Length Extension Attack |
1-2 Hr. |
 |
544 |
 |
 |
JSON Web Encryption |
< 1 Hr. |
 |
395 |
 |
 |
postMessage() |
< 1 Hr. |
 |
962 |
 |
 |
CVE-2019-5418 |
1-2 Hr. |
 |
368 |
 |
 |
Cross-Site WebSocket Hijacking |
< 1 Hr. |
 |
885 |
 |
 |
JWT XII |
1-2 Hr. |
 |
502 |
 |
 |
Cross-Origin Resource Sharing II |
< 1 Hr. |
 |
831 |
 |
 |
JWT XI |
1-2 Hr. |
 |
500 |
 |
 |
cve-2019-5420 II |
1-2 Hr. |
 |
413 |
 |
 |
OAuth2: Client OpenRedirect |
< 1 Hr. |
 |
671 |
 |
 |
CVE-2019-5420 |
2-4 Hr. |
 |
662 |
 |
 |
JWT X |
< 1 Hr. |
 |
568 |
 |
 |
GraphQL: SQL Injection |
1-2 Hr. |
 |
1022 |
 |
 |
OAuth2: Authorization Server OpenRedirect |
< 1 Hr. |
 |
770 |
 |
 |
JWT IX |
< 1 Hr. |
 |
662 |
 |
 |
Gogs RCE II |
< 1 Hr. |
 |
443 |
 |
 |
JWT VIII |
1-2 Hr. |
 |
711 |
 |
 |
SAML: Signature Stripping |
< 1 Hr. |
 |
1517 |
 |
 |
GraphQL Introspection |
< 1 Hr. |
 |
1771 |
 |
 |
Gogs RCE |
1-2 Hr. |
 |
504 |
 |
 |
Android 07 |
1-2 Hr. |
 |
1089 |
 |
 |
Android 06 |
1-2 Hr. |
 |
1270 |
 |
 |
Android 05 |
1-2 Hr. |
 |
1507 |
 |
 |
Ruby 2.x Universal RCE Deserialization Gadget Chain |
< 1 Hr. |
 |
1089 |
 |
 |
CVE-2018-10933: LibSSH auth bypass |
-- |
 |
0 |
 |
 |
Android 04 |
< 1 Hr. |
 |
1933 |
 |
 |
Android 03 |
< 1 Hr. |
 |
2617 |
 |
 |
From SQL injection to Shell III |
1-2 Hr. |
 |
846 |
 |
 |
Android 02 |
< 1 Hr. |
 |
2850 |
 |
 |
IDOR to Shell |
1-2 Hr. |
 |
789 |
 |
 |
Android 01 |
< 1 Hr. |
 |
3040 |
 |
 |
Introduction to CSP |
< 1 Hr. |
 |
2072 |
 |
 |
CVE-2018-11235: Git Submodule RCE |
2-4 Hr. |
 |
414 |
 |
 |
Git Information Leak II |
< 1 Hr. |
 |
2103 |
 |
 |
Git Information Leak |
< 1 Hr. |
 |
2784 |
 |
 |
JWT VII |
< 1 Hr. |
 |
2657 |
 |
 |
CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict |
< 1 Hr. |
 |
741 |
 |
 |
Unix 31 |
< 1 Hr. |
 |
11829 |
 |
 |
Unix 30 |
< 1 Hr. |
 |
11869 |
 |
 |
Unix 25 |
< 1 Hr. |
 |
12421 |
 |
 |
Unix 32 |
< 1 Hr. |
 |
11813 |
 |
 |
Unix 34 |
< 1 Hr. |
 |
11758 |
 |
 |
Unix 33 |
< 1 Hr. |
 |
11790 |
 |
 |
Unix 27 |
< 1 Hr. |
 |
12275 |
 |
 |
Unix 29 |
< 1 Hr. |
 |
12211 |
 |
 |
Unix 28 |
< 1 Hr. |
 |
12228 |
 |
 |
Unix 26 |
< 1 Hr. |
 |
12345 |
 |
 |
CBC-MAC II |
1-2 Hr. |
 |
1399 |
 |
 |
JWT VI |
< 1 Hr. |
 |
2049 |
 |
 |
CVE-2018-6574: go get RCE |
< 1 Hr. |
 |
722 |
 |
 |
Unix 11 |
< 1 Hr. |
 |
16488 |
 |
 |
Unix 12 |
< 1 Hr. |
 |
16037 |
 |
 |
Unix 13 |
< 1 Hr. |
 |
15361 |
 |
 |
Unix 14 |
< 1 Hr. |
 |
15008 |
 |
 |
Unix 15 |
< 1 Hr. |
 |
13726 |
 |
 |
Unix 16 |
< 1 Hr. |
 |
13425 |
 |
 |
Unix 17 |
< 1 Hr. |
 |
13639 |
 |
 |
Unix 18 |
< 1 Hr. |
 |
13576 |
 |
 |
Unix 19 |
< 1 Hr. |
 |
13490 |
 |
 |
Unix 20 |
< 1 Hr. |
 |
12661 |
 |
 |
Unix 21 |
< 1 Hr. |
 |
12809 |
 |
 |
Unix 22 |
< 1 Hr. |
 |
12689 |
 |
 |
Unix 23 |
< 1 Hr. |
 |
12493 |
 |
 |
Unix 24 |
< 1 Hr. |
 |
12427 |
 |
 |
JWT V |
< 1 Hr. |
 |
2449 |
 |
 |
CVE-2018-0114 |
2-4 Hr. |
 |
1482 |
 |
 |
JWT IV |
< 1 Hr. |
 |
2173 |
 |
 |
CBC-MAC |
1-2 Hr. |
 |
1359 |
 |
 |
JWT III |
1-2 Hr. |
 |
2328 |
 |
 |
Code Execution 09 |
< 1 Hr. |
 |
9050 |
 |
 |
Server Side Template Injection 02 |
< 1 Hr. |
 |
7104 |
 |
 |
MongoDB Injection 02 |
1-2 Hr. |
 |
7141 |
 |
 |
Authorization 06 |
< 1 Hr. |
 |
12232 |
 |
 |
Code Execution 08 |
< 1 Hr. |
 |
9145 |
 |
 |
Authorization 04 |
< 1 Hr. |
 |
13211 |
 |
 |
Authorization 05 |
< 1 Hr. |
 |
12737 |
 |
 |
Command Execution 03 |
< 1 Hr. |
 |
9416 |
 |
 |
Server Side Template Injection 01 |
< 1 Hr. |
 |
7096 |
 |
 |
Code Execution 05 |
< 1 Hr. |
 |
10438 |
 |
 |
Code Execution 06 |
< 1 Hr. |
 |
10210 |
 |
 |
Code Execution 07 |
< 1 Hr. |
 |
9995 |
 |
 |
Introduction to code review |
-- |
 |
0 |
 |
 |
S2-052 |
< 1 Hr. |
 |
2103 |
 |
 |
SQL Injection 06 |
< 1 Hr. |
 |
7741 |
 |
 |
XML Attacks 01 |
< 1 Hr. |
 |
7515 |
 |
 |
XML Attacks 02 |
< 1 Hr. |
 |
7130 |
 |
 |
SQL Injection 04 |
< 1 Hr. |
 |
8199 |
 |
 |
SQL Injection 05 |
< 1 Hr. |
 |
8127 |
 |
 |
SQL Injection 01 |
< 1 Hr. |
 |
9077 |
 |
 |
SQL Injection 02 |
< 1 Hr. |
 |
8787 |
 |
 |
SQL Injection 03 |
< 1 Hr. |
 |
8574 |
 |
 |
Code Execution 02 |
< 1 Hr. |
 |
11539 |
 |
 |
Authorization 03 |
< 1 Hr. |
 |
14078 |
 |
 |
Command Execution 01 |
< 1 Hr. |
 |
9819 |
 |
 |
Command Execution 02 |
< 1 Hr. |
 |
9525 |
 |
 |
Server Side Request Forgery 04 |
< 1 Hr. |
 |
8063 |
 |
 |
Open Redirect 01 |
< 1 Hr. |
 |
8314 |
 |
 |
Open Redirect 02 |
< 1 Hr. |
 |
8042 |
 |
 |
MongoDB Injection 01 |
< 1 Hr. |
 |
8456 |
 |
 |
SAML: Introduction |
< 1 Hr. |
 |
2090 |
 |
 |
Server Side Request Forgery 02 |
< 1 Hr. |
 |
8359 |
 |
 |
Server Side Request Forgery 03 |
< 1 Hr. |
 |
8332 |
 |
 |
Server Side Request Forgery 01 |
< 1 Hr. |
 |
8504 |
 |
 |
XSS 09 |
< 1 Hr. |
 |
7549 |
 |
 |
XSS 10 |
< 1 Hr. |
 |
7001 |
 |
 |
Directory Traversal 01 |
< 1 Hr. |
 |
9934 |
 |
 |
Directory Traversal 02 |
< 1 Hr. |
 |
9779 |
 |
 |
Directory Traversal 03 |
< 1 Hr. |
 |
9676 |
 |
 |
XSS 02 |
< 1 Hr. |
 |
8871 |
 |
 |
XSS 03 |
< 1 Hr. |
 |
8570 |
 |
 |
XSS 04 |
< 1 Hr. |
 |
8147 |
 |
 |
XSS 05 |
< 1 Hr. |
 |
7922 |
 |
 |
XSS 06 |
< 1 Hr. |
 |
7890 |
 |
 |
XSS 07 |
< 1 Hr. |
 |
7757 |
 |
 |
XSS 08 |
< 1 Hr. |
 |
7644 |
 |
 |
File Upload 01 |
< 1 Hr. |
 |
7738 |
 |
 |
File Upload 02 |
< 1 Hr. |
 |
7647 |
 |
 |
XSS 01 |
< 1 Hr. |
 |
9189 |
 |
 |
Authentication 05 |
< 1 Hr. |
 |
14422 |
 |
 |
Code Execution 03 |
< 1 Hr. |
 |
10990 |
 |
 |
Code Execution 04 |
< 1 Hr. |
 |
10792 |
 |
 |
File Include 01 |
< 1 Hr. |
 |
9251 |
 |
 |
File Include 02 |
< 1 Hr. |
 |
9044 |
 |
 |
LDAP 01 |
< 1 Hr. |
 |
8955 |
 |
 |
LDAP 02 |
< 1 Hr. |
 |
8597 |
 |
 |
Authentication 04 |
< 1 Hr. |
 |
15077 |
 |
 |
Authentication 01 |
< 1 Hr. |
 |
16365 |
 |
 |
Authentication 02 |
< 1 Hr. |
 |
15815 |
 |
 |
Authentication 03 |
< 1 Hr. |
 |
15358 |
 |
 |
Authorization 01 |
< 1 Hr. |
 |
14558 |
 |
 |
Authorization 02 |
< 1 Hr. |
 |
14283 |
 |
 |
Code Execution 01 |
< 1 Hr. |
 |
12235 |
 |
 |
CVE-2016-10033: PHPMailer RCE |
< 1 Hr. |
 |
3148 |
 |
 |
Cipher block chaining |
1-2 Hr. |
 |
2436 |
 |
 |
Struts s2-045 |
< 1 Hr. |
 |
2347 |
 |
 |
CVE-2016-2098 |
< 1 Hr. |
 |
3065 |
 |
 |
CVE-2014-4511: Gitlist RCE |
-- |
 |
0 |
 |
 |
ECDSA |
2-4 Hr. |
 |
310 |
 |
 |
Werkzeug DEBUG |
< 1 Hr. |
 |
1401 |
 |
 |
Padding Oracle |
1-2 Hr. |
 |
752 |
 |
 |
Unickle |
1-2 Hr. |
 |
603 |
 |
 |
CVE-2015-3224 |
< 1 Hr. |
 |
1406 |
 |
 |
Luhn |
2-4 Hr. |
 |
549 |
 |
 |
CVE-2013-0156: Rails Object Injection |
< 1 Hr. |
 |
3506 |
 |
 |
JSON Web Token II |
1-2 Hr. |
 |
3089 |
 |
 |
CVE-2016-0792 |
< 1 Hr. |
 |
4119 |
 |
 |
ObjectInputStream |
< 1 Hr. |
 |
3765 |
 |
 |
XMLDecoder |
< 1 Hr. |
 |
4598 |
 |
 |
CVE-2014-1266 |
1-2 Hr. |
 |
1014 |
 |
 |
CVE-2011-0228 |
1-2 Hr. |
 |
1167 |
 |
 |
Intercept 03 |
< 1 Hr. |
 |
1429 |
 |
 |
Intercept 02 |
< 1 Hr. |
 |
1570 |
 |
 |
Intercept 01 |
1-2 Hr. |
 |
1730 |
 |
 |
Struts devMode |
-- |
 |
0 |
 |
 |
JSON Web Token |
< 1 Hr. |
 |
8539 |
 |
 |
Cross-Origin Resource Sharing |
-- |
 |
0 |
 |
 |
API to Shell |
2-4 Hr. |
 |
2993 |
 |
 |
Pickle Code Execution |
< 1 Hr. |
 |
5544 |
 |
 |
Play XML Entities |
1-2 Hr. |
 |
1910 |
 |
 |
CVE-2014-6271/Shellshock |
< 1 Hr. |
 |
7730 |
 |
 |
Play Session Injection |
< 1 Hr. |
 |
2416 |
 |
 |
CVE-2007-1860: mod_jk double-decoding |
1-2 Hr. |
 |
5306 |
 |
 |
XSS and MySQL FILE |
-- |
 |
0 |
 |
 |
Electronic Code Book |
1-2 Hr. |
 |
5066 |
 |
 |
Web for Pentester II |
-- |
 |
0 |
 |
 |
From SQL Injection to Shell II |
-- |
 |
0 |
 |
 |
CVE-2012-6081: MoinMoin code execution |
-- |
 |
0 |
 |
 |
Web for Pentester |
-- |
 |
0 |
 |
 |
Axis2 Web service and Tomcat Manager |
-- |
 |
0 |
 |
 |
CVE-2008-1930: Wordpress 2.5 Cookie Integrity Protection Vulnerability |
-- |
 |
0 |
 |
 |
From SQL Injection to Shell: PostgreSQL edition |
-- |
 |
0 |
 |
 |
Rack Cookies and Commands injection |
-- |
 |
0 |
 |
 |
Linux Host Review |
-- |
 |
0 |
 |
 |
CVE-2012-2661: ActiveRecord SQL injection |
-- |
 |
0 |
 |
 |
CVE-2012-1823: PHP CGI |
-- |
 |
0 |
 |
 |
PHP Include And Post Exploitation |
-- |
 |
0 |
 |
 |
From SQL Injection to Shell |
< 1 Hr. |
 |
7064 |
 |
 |
Code Review 01 |
1-2 Hr. |
 |
352 |
 |
 |
Introduction 01 |
< 1 Hr. |
 |
24284 |
 |
 |
Recon 00 |
< 1 Hr. |
 |
9505 |
 |
 |
Introduction 02 |
< 1 Hr. |
 |
24008 |
 |
 |
Recon 02 |
< 1 Hr. |
 |
7819 |
 |
 |
Introduction 03 |
< 1 Hr. |
 |
23514 |
 |
 |
Recon 03 |
< 1 Hr. |
 |
6962 |
 |
 |
Introduction 00 |
< 1 Hr. |
 |
25060 |
 |
 |
Recon 10 |
< 1 Hr. |
 |
3009 |
 |
 |
Recon 09 |
< 1 Hr. |
 |
4795 |
 |
 |
Code Review 17 |
1-2 Hr. |
 |
52 |
 |
 |
Unix 00 |
< 1 Hr. |
 |
21300 |
 |
 |
Unix 01 |
< 1 Hr. |
 |
20818 |
 |
 |
Unix 02 |
< 1 Hr. |
 |
20607 |
 |
 |
Unix 03 |
< 1 Hr. |
 |
20347 |
 |
 |
Unix 04 |
< 1 Hr. |
 |
20076 |
 |
 |
Unix 05 |
< 1 Hr. |
 |
19105 |
 |
 |
Unix 06 |
< 1 Hr. |
 |
18340 |
 |
 |
Unix 07 |
< 1 Hr. |
 |
18037 |
 |
 |
Unix 08 |
< 1 Hr. |
 |
17765 |
 |
 |
Unix 09 |
< 1 Hr. |
 |
17232 |
 |
 |
Unix 10 |
< 1 Hr. |
 |
16787 |
 |
 |
PCAP 01 |
< 1 Hr. |
 |
6435 |
 |
 |
PCAP 02 |
< 1 Hr. |
 |
6279 |
 |
 |
PCAP 03 |
< 1 Hr. |
 |
6197 |
 |
 |
PCAP 04 |
< 1 Hr. |
 |
5963 |
 |
 |
PCAP 05 |
< 1 Hr. |
 |
5860 |
 |
 |
PCAP 06 |
< 1 Hr. |
 |
5771 |
 |
 |
PCAP 07 |
< 1 Hr. |
 |
5715 |
 |
 |
PCAP 08 |
< 1 Hr. |
 |
5669 |
 |
 |
PCAP 09 |
< 1 Hr. |
 |
5640 |
 |
 |
PCAP 10 |
< 1 Hr. |
 |
5344 |
 |
 |
PCAP 11 |
< 1 Hr. |
 |
5337 |
 |
 |
PCAP 12 |
< 1 Hr. |
 |
5322 |
 |
 |
PCAP 13 |
< 1 Hr. |
 |
5373 |
 |
 |
Java Snippet #01 |
< 1 Hr. |
 |
612 |
 |
 |
PCAP 14 |
< 1 Hr. |
 |
5356 |
 |
 |
Java Snippet #02 |
< 1 Hr. |
 |
539 |
 |
 |
PCAP 15 |
< 1 Hr. |
 |
5345 |
 |
 |
Java Snippet #03 |
< 1 Hr. |
 |
496 |
 |
 |
PCAP 16 |
< 1 Hr. |
 |
5320 |
 |
 |
PCAP 17 |
< 1 Hr. |
 |
5268 |
 |
 |
PCAP 18 |
< 1 Hr. |
 |
5264 |
 |
 |
PCAP 19 |
< 1 Hr. |
 |
5244 |
 |
 |
PCAP 20 |
< 1 Hr. |
 |
5145 |
 |
 |
PCAP 21 |
< 1 Hr. |
 |
5094 |
 |
 |
PCAP 22 |
< 1 Hr. |
 |
5081 |
 |
 |
PCAP 23 |
< 1 Hr. |
 |
5072 |
 |
 |
PCAP 24 |
< 1 Hr. |
 |
5060 |
 |
 |
PCAP 25 |
< 1 Hr. |
 |
5063 |
 |
 |
PCAP 26 |
< 1 Hr. |
 |
5061 |
 |
 |
PCAP 27 |
< 1 Hr. |
 |
5011 |
 |
 |
PCAP 28 |
< 1 Hr. |
 |
4991 |
 |
 |
PCAP 29 |
< 1 Hr. |
 |
4978 |
 |
 |
PCAP 30 |
< 1 Hr. |
 |
4953 |
 |
 |
PCAP 31 |
< 1 Hr. |
 |
4934 |
 |
 |
PCAP 32 |
< 1 Hr. |
 |
4863 |
 |
 |
CVE-2021-4xx50 |
< 1 Hr. |
 |
321 |
 |
 |
PCAP 33 |
< 1 Hr. |
 |
4775 |
 |
 |
PCAP 34 |
< 1 Hr. |
 |
4838 |
 |
 |
PCAP 35 |
< 1 Hr. |
 |
4901 |
 |
 |
Android 08 |
1-2 Hr. |
 |
1029 |
 |
No search results found... |