Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2026-24895: FrankenPHP Path Confusion RCE using Unicode | 1-2 Hr. |  |
3 | PRO |
|
|
SAML: CVE-2025-25291
This exercise covers the exploitation of CVE-2025-25291 (impacting ruby-saml)
|
2-4 Hr. | |
11 | PRO |
|
|
SAML: CVE-2025-29775 Signed Metadata
This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto) without XMLResponse
|
2-4 Hr. | |
8 | PRO |
|
|
SAML: CVE-2025-29775
This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto)
|
1-2 Hr. | |
16 | PRO |
|
|
Gogs RCE II
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
|
< 1 Hr. | |
609 | PRO |
|
|
Gogs RCE
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
|
1-2 Hr. | |
681 | PRO |
Showing 1–6 of 6 exercises
Free Labs of the Month
