Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
SSRF via FFMPEG
This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide
|
< 1 Hr. |  |
255 | PRO |
|
Code Review 17
This exercise is one of our challenges to help you learn how to review real source code
|
1-2 Hr. | |
320 | PRO |
|
Recon 22
In this challenge, you need to look in repo9 for deleted files
|
< 1 Hr. | |
4998 | FREE |
|
SAML: SAMLResponse forwarding
This exercise covers how to pass the SAMLResponse from one Service Provider to another
|
< 1 Hr. | |
523 | PRO |
|
|
CGI and Signature
This exercise covers the exploitation of a vulnerable CGI.
|
< 1 Hr. | |
231 | PRO |
|
|
Recon 17
In this challenge, you need to look at the name of the developer used in the repository test1
|
< 1 Hr. | |
5661 | FREE |
|
|
Recon 18
In this challenge, you need to look at the public repository of the developers in the organisation
|
< 1 Hr. | |
5348 | FREE |
|
|
Recon 19
In this challenge, you need to look at the email addresses used for commits in the repository repo7
|
< 1 Hr. | |
5031 | FREE |
|
|
Code Review 15
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
413 | PRO |
|
|
Code Review 14
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
435 | PRO |
|
CVE-2020-14343: PyYAML unsafe loader
This exercise covers how you can gain code execution when an application use a vulnerable version of PyYAML and relies on load()
|
< 1 Hr. | |
316 | PRO |
|
|
OAuth2: State Fixation
This exercise covers the exploitation of a state fixation in an OAuth2 Client
|
1-2 Hr. | |
413 | PRO |
|
|
CVE-2020-7115: Aruba Clearpass RCE
This exercise covers a remote command execution issue on Aruba Clearpass RCE
|
< 1 Hr. | |
220 | PRO |
|
|
Code Review 12
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
473 | PRO |
|
|
Recon 16
In this challenge, you need to find the version of Bind used
|
< 1 Hr. | |
5562 | FREE |
|
|
EDDSA vulnerability in Monocypher
Crypto
This exercise covers the exploitation of a vulnerability impacting Monocypher.
|
< 1 Hr. | |
185 | PRO |
|
|
Code Review 10
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
397 | PRO |
|
|
Unicode and NFKC
This exercise covers how to leverage unicode to exploit a directory traversal
|
< 1 Hr. | |
316 | PRO |
|
|
SAML: Trusted Embedded Key
This exercise covers the exploitation of a Service Provider (SP) that doesn't check the certificate provided in the SAMLResponse
|
< 1 Hr. | |
509 | PRO |
|
|
Recon 08
This exercise covers aliases in TLS certificates
|
< 1 Hr. | |
9370 | FREE |
|
|
SAML: Known Key
This exercise covers the exploitation of a known key in SAML
|
1-2 Hr. | |
530 | PRO |
|
|
Recon 04
This exercise covers common interesting directories
|
< 1 Hr. | |
16401 | FREE |
|
|
Recon 05
This exercise covers simple directory bruteforcing
|
< 1 Hr. | |
12025 | FREE |
|
|
Recon 01
This exercise covers 404 error pages
|
< 1 Hr. | |
21536 | FREE |
|
|
Zip symlink
This exercise covers how you can create a malicious Zip file and use it to gain access to sensitive files.
|
< 1 Hr. | |
595 | PRO |
|
|
SAML: Comment Injection
This exercise covers the exploitation of a comment injection vulnerability in SAML
|
< 1 Hr. | |
1703 | PRO |
|
|
Unicode and Downcase
This exercise covers how you can use unicode to gain access to an admin account.
|
< 1 Hr. | |
604 | PRO |
|
|
Recon 10
This exercise covers visual content discovery
|
< 1 Hr. | |
6610 | FREE |
|
|
Unicode and Uppercase
This exercise covers how you can use unicode to gain access to an admin account.
|
< 1 Hr. | |
681 | PRO |
|
|
Code Review 06
This exercise is one of our challenges to help you learn how to review real source code
|
2-4 Hr. | |
329 | PRO |
Showing 121–150 of 250 exercises
Free Labs of the Month
