Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier |
|---|---|---|---|---|
| CVE-2026-24895: FrankenPHP Path Confusion RCE using Unicode | 1-2 Hr. | | 3 | PRO |
| CVE-2021-X5X8<br>This challenge covers the review of a CVE in a Golang codebase and its patch | -- | | 36 | PRO |
| SAML: CVE-2025-25291<br>This exercise covers the exploitation of CVE-2025-25291 (impacting ruby-saml) | 2-4 Hr. | | 11 | PRO |
| SAML: CVE-2025-29775 Signed Metadata<br>This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto) without XMLResponse | 2-4 Hr. | | 8 | PRO |
| SAML: CVE-2025-29775<br>This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto) | 1-2 Hr. | | 16 | PRO |
| CVE-2005-2x8x<br>This challenge covers the review of a CVE and its patch | < 1 Hr. | | 623 | PRO |
| CVE-2021-22204: Exiftool RCE<br>This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files | 1-2 Hr. | | 175 | PRO |
| CVE-2020-8163: Rails local name RCE<br>This exercise details the exploitation of CVE-2020-8163 to gain code execution | 1-2 Hr. | | 227 | PRO |
| CVE-2019-5418<br>This exercise details the exploitation of CVE-2019-5418 to get code execution | 1-2 Hr. | | 514 | PRO |
| CVE-2019-5420 II<br>This exercise details the exploitation of CVE-2019-5420 to gain code execution | 1-2 Hr. | | 573 | PRO |
| Gogs RCE II<br>This exercise covers how to get code execution against the self-hosted Git tool: Gogs. | < 1 Hr. | | 609 | PRO |
| Gogs RCE<br>This exercise covers how to get code execution against the self-hosted Git tool: Gogs. | 1-2 Hr. | | 681 | PRO |
| CVE-2018-11235: Git Submodule RCE<br>This exercise details the exploitation of a vulnerability in Git Submodule that can be used to get command execution | 2-4 Hr. | | 526 | PRO |
| CVE-2018-0114 JWT<br>This exercise details the exploitation of a vulnerability in Cisco's node-jose, a JavaScript library created to manage JWT | 2-4 Hr. | | 1905 | PRO |
| CVE-2012-6081: MoinMoin code execution<br>This exercise explains how you can exploit CVE-2012-6081 to gain code execution. This vulnerability was exploited to compromise Debian's wiki and Python documentation website | -- | | 0 | FREE |
| CVE-2012-2661: ActiveRecord SQL injection<br>This exercise explains how you can exploit CVE-2012-2661 to retrieve information from a database | -- | | 0 | FREE |

Showing 1–16 of 16 exercises