Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2023-2X8X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. |  |
210 | PRO |
|
|
CVE-2022-378xx
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. |  |
394 | PRO |
|
|
CVE-2022-x0x09
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
229 | PRO |
|
|
CVE-2018-8x14
This challenge covers the review of a CVE in a Java codebase and its patch
|
2-4 Hr. | |
159 | PRO |
|
|
CVE-2014-X80X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
200 | PRO |
|
|
CVE-2015-3XX0
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
183 | PRO |
|
|
CVE-2022-458X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
239 | PRO |
|
SAML: CVE-2021-21239
This exercise covers the exploitation of CVE-2021-21239 (PySAML2)
|
1-2 Hr. | |
131 | PRO |
|
|
CVE-2022-393XX
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
197 | PRO |
|
|
CVE-2023-2XX60
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
192 | PRO |
|
|
CVE-2023-2XX61
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
204 | PRO |
|
|
CVE-2021-22204: Exiftool RCE II
This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
|
< 1 Hr. | |
84 | PRO |
|
|
CVE-2022-39224
This exercise covers the exploitation of CVE-2022-39224
|
1-2 Hr. | |
106 | PRO |
|
|
CVE-2020-13xxx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
682 | PRO |
|
|
CVE-2008-5x8x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
853 | PRO |
|
|
CVE-2022-3x7x1
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
781 | PRO |
|
|
CVE-2019-5x2x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
625 | PRO |
|
|
CVE-2022-26xx9
This challenge covers a vulnerable snippet in a real Java application
|
< 1 Hr. | |
635 | PRO |
|
|
CVE-2008-5x8x_ii
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
653 | PRO |
|
|
CVE-2005-2x8x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. |  |
651 | PRO |
|
|
CVE-2022-21449
JWT
This exercise covers the exploitation of CVE-2022-21449 against a Java Application relying on JWT
|
< 1 Hr. | |
185 | PRO |
|
|
CVE-2021-33564 Argument Injection in Ruby Dragonfly
This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
|
< 1 Hr. | |
152 | PRO |
|
|
CVE-2021-45xx9
This challenge covers a vulnerable snippet in a real Python application
|
< 1 Hr. | |
793 | PRO |
|
|
CVE-2021-39x3x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
656 | PRO |
|
|
CVE-2022-21724: JDBC RCE PostgreSQL
This challenge covers how to gain code execution by leveraging a JDBC connection string with PostgreSQL
|
< 1 Hr. | |
196 | PRO |
|
|
CVE-2009-3x8x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
809 | PRO |
|
|
CVE-2021-381xx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
689 | PRO |
|
|
CVE-2008-4x9x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
759 | PRO |
|
|
CVE-2021-4379x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
758 | PRO |
|
|
CVE-2021-4xx50
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
844 | PRO |
Showing 121–150 of 188 exercises
Free Labs of the Month
