Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
API Mass-Assignment 03 | < 1 Hr. |  |
368 | PRO |
|
|
API Mass-Assignment 01 | < 1 Hr. | |
425 | PRO |
|
|
API Mass-Assignment 02 | < 1 Hr. | |
400 | PRO |
|
|
API JWT REVOCATION
JWT
This exercise covers how to bypass a weak JWT Revocation Mechanism.
|
< 1 Hr. |  |
413 | PRO |
|
|
API 20
This exercise covers how to exploit an authorization issue in an API.
|
< 1 Hr. | |
466 | PRO |
|
|
API 19
This exercise covers how to exploit an authorization issue in an API.
|
< 1 Hr. | |
486 | PRO |
|
|
API 18
This exercise covers how to exploit an authorization issue in an API.
|
< 1 Hr. | |
497 | PRO |
|
|
API 17
This exercise covers how to exploit an authorization issue in an API.
|
< 1 Hr. | |
408 | PRO |
|
|
API 16
This exercise covers how to exploit an authorization issue in an API.
|
< 1 Hr. | |
438 | PRO |
|
|
API 15
This exercise covers how to exploit a leaked encrypted password with an API.
|
< 1 Hr. |  |
572 | PRO |
|
|
API 13
This exercise covers a complex filter bypass in API.
|
< 1 Hr. | |
572 | PRO |
|
|
API 14
This exercise covers how to exploit a leaked encrypted password with an API.
|
< 1 Hr. | |
656 | PRO |
|
|
API 12
This exercise covers a common filter bypass in API.
|
< 1 Hr. | |
639 | PRO |
|
|
API 11
This exercise covers a common filter bypass in API.
|
< 1 Hr. | |
675 | PRO |
|
|
API 10
This exercise covers a common filter bypass in API.
|
< 1 Hr. | |
739 | PRO |
|
|
API 09
This exercise covers how one can inspect HTTP responses to identify information leaks.
|
< 1 Hr. | |
875 | PRO |
|
|
API Payments 07
This exercise covers a way to manipulate a shopping cart to lower the total amount
|
< 1 Hr. | |
897 | PRO |
|
|
API Payments 06
This exercise covers a simple payments bypass.
|
< 1 Hr. | |
931 | PRO |
|
|
API Payments 05
This exercise covers how to abuse a shopping cart allowing users to apply a voucher.
|
< 1 Hr. | |
888 | PRO |
|
|
API Payments 04
This exercise covers how to abuse a shopping cart allowing users to apply a voucher..
|
< 1 Hr. | |
1189 | PRO |
|
|
API Payments 03
This exercise covers a simple payments bypass.
|
< 1 Hr. | |
1296 | PRO |
|
|
API Payments 02
This exercise covers a simple payments bypass.
|
< 1 Hr. | |
1460 | PRO |
|
|
API Payments 01
API
This exercise covers a simple payments bypass.
|
< 1 Hr. | |
1894 | PRO |
|
|
API 08
This exercise covers how one can inspect HTTP responses to identify information leaks.
|
< 1 Hr. | |
1677 | PRO |
|
|
API 07
API
Angular
This exercise covers how one can inspect JavaScript code to identify information leak.
|
< 1 Hr. | |
1847 | PRO |
|
|
API 06
API
Angular
This exercise covers how one can inspect JavaScript code to identify unused endpoints.
|
< 1 Hr. | |
1980 | PRO |
|
|
API 05
API
Angular
This exercise covers how one can inspect JavaScript code to identify unused endpoints.
|
< 1 Hr. | |
2288 | PRO |
|
|
API 04
API
Angular
This exercise covers how one can inspect JavaScript code to identify unused endpoints.
|
< 1 Hr. | |
2480 | PRO |
|
|
API 03
API
This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
|
< 1 Hr. | |
2449 | PRO |
|
|
API 02
API
This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
|
< 1 Hr. | |
3010 | PRO |
Showing 1–30 of 32 exercises
Free Labs of the Month
