PentesterLab will help you
Category:
Unicode and NFKC
Brown Badge
SAML: Trusted Embedded Key
Authentication / Authorization Badge
Recon 06
Recon Badge
Recon 07
Recon Badge
Recon 08
Recon Badge
CVE-2020-8163: Rails local name RCE
Brown Badge
SAML: Known Key
Authentication / Authorization Badge
Code Review 09
Code Review Badge
Recon 04
Recon Badge
Recon 05
Recon Badge
Recon 01
Recon Badge
OAuth2: Client Server XSS
Authentication / Authorization Badge
Zip symlink
Brown Badge
Code Review 08
Code Review Badge
SAML: Comment Injection
Authentication / Authorization Badge
Unicode and Downcase
Brown Badge
Code Review 07
Code Review Badge
Java Serialize 01
Java Serialize Badge
Unicode and Uppercase
Brown Badge
Code Review 06
Code Review Badge
Cross-Site Leak
Orange Badge
From SQL injection to Shell III: PostgreSQL Edition
Brown Badge
OAuth2: Client CSRF II
Authentication / Authorization Badge
XSS Include
Orange Badge
OAuth2: Client CSRF
Authentication / Authorization Badge
Code Review 05
Code Review Badge
Code Review 04
Code Review Badge
JS Prototype Pollution
Brown Badge
OAuth2: Authorization Server CSRF
Authentication / Authorization Badge
Code Review 03
Code Review Badge
SSRF in PDF generation
Brown Badge
OAuth2: Github HTTP HEAD
Authentication / Authorization Badge
SVG XSS
Orange Badge
Apache Pluto RCE
Brown Badge
JSON Cross-Site Request Forgery
Orange Badge
Cross-Site Request Forgery
Orange Badge
Code Review 02
Code Review Badge
postMessage() IV
Orange Badge
Spring Actuators
Brown Badge
postMessage() III
Orange Badge
postMessage() II
Orange Badge
PHP phar://
Brown Badge
Signing Oracle
Brown Badge
Length Extension Attack
Green Badge
JSON Web Encryption
Brown Badge
postMessage()
Orange Badge
CVE-2019-5418
Green Badge
Cross-Site WebSocket Hijacking
Orange Badge
JWT XII
Green Badge
Cross-Origin Resource Sharing II
Orange Badge
JWT XI
Green Badge
cve-2019-5420 II
Green Badge
OAuth2: Client OpenRedirect
Authentication / Authorization Badge
CVE-2019-5420
Green Badge
JWT X
Green Badge
GraphQL: SQL Injection
Green Badge
OAuth2: Authorization Server OpenRedirect
Authentication / Authorization Badge
JWT IX
Green Badge
Gogs RCE II
Green Badge
JWT VIII
Green Badge
SAML: Signature Stripping
Authentication / Authorization Badge
GraphQL Introspection
Green Badge
Gogs RCE
Green Badge
Android 07
Android Badge
Android 06
Android Badge
Android 05
Android Badge
Ruby 2.x Universal RCE Deserialization Gadget Chain
Green Badge
CVE-2018-10933: LibSSH auth bypass
Android 04
Android Badge
Android 03
Android Badge
From SQL injection to Shell III
Green Badge
Android 02
Android Badge
IDOR to Shell
Green Badge
Android 01
Android Badge
Introduction to CSP
Orange Badge
CVE-2018-11235: Git Submodule RCE
Orange Badge
Git Information Leak II
Blue Badge
Git Information Leak
Blue Badge
JWT VII
Blue Badge
CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict
Orange Badge
CBC-MAC II
Blue Badge
JWT VI
Blue Badge
CVE-2018-6574: go get RCE
Orange Badge
JWT V
Blue Badge
CVE-2018-0114
Blue Badge
JWT IV
Blue Badge
CBC-MAC
Blue Badge
JWT III
Blue Badge
Introduction to code review
S2-052
Blue Badge
SAML: Introduction
Authentication / Authorization Badge
CVE-2016-10033: PHPMailer RCE
Yellow Badge
Cipher block chaining
Yellow Badge
Struts s2-045
Yellow Badge
CVE-2016-2098
Yellow Badge
CVE-2014-4511: Gitlist RCE
ECDSA
Capture-The-Flag Badge
Werkzeug DEBUG
Capture-The-Flag Badge
Padding Oracle
Capture-The-Flag Badge
Unickle
Capture-The-Flag Badge
CVE-2015-3224
Capture-The-Flag Badge
Luhn
Capture-The-Flag Badge
CVE-2013-0156: Rails Object Injection
Serialize Badge
JSON Web Token II
Yellow Badge
CVE-2016-0792
Serialize Badge
ObjectInputStream
Serialize Badge
XMLDecoder
Serialize Badge
CVE-2014-1266
Intercept Badge
CVE-2011-0228
Intercept Badge
Intercept 03
Intercept Badge
Intercept 02
Intercept Badge
Intercept 01
Intercept Badge
Struts devMode
JSON Web Token
White Badge
Cross-Origin Resource Sharing
API to Shell
Serialize Badge
Pickle Code Execution
White Badge
Play XML Entities
Yellow Badge
CVE-2014-6271/Shellshock
White Badge
Play Session Injection
Yellow Badge
CVE-2007-1860: mod_jk double-decoding
White Badge
XSS and MySQL FILE
Electronic Code Book
White Badge
Web for Pentester II
From SQL Injection to Shell II
CVE-2012-6081: MoinMoin code execution
Web for Pentester
Axis2 Web service and Tomcat Manager
CVE-2008-1930: Wordpress 2.5 Cookie Integrity Protection Vulnerability
From SQL Injection to Shell: PostgreSQL edition
Rack Cookies and Commands injection
Linux Host Review
CVE-2012-2661: ActiveRecord SQL injection
CVE-2012-1823: PHP CGI
PHP Include And Post Exploitation
From SQL Injection to Shell
White Badge
Code Review 01
Code Review Badge
Recon 00
Recon Badge
Recon 02
Recon Badge
Recon 03
Recon Badge