Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier |
|---|---|---|---|---|
| HTTP 19<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3486 | PRO |
| HTTP 12<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3759 | PRO |
| HTTP 13<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3673 | PRO |
| Express Local File Read<br>This exercise covers how an insecure call to render can be used to read local files with Express | < 1 Hr. | | 441 | PRO |
| OAuth2: Authorization Server XSS<br>This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server | < 1 Hr. | | 399 | PRO |
| HTTP 09<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4001 | PRO |
| HTTP 02<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4779 | PRO |
| SAML: Comment Injection II<br>This exercise covers the exploitation of a comment injection vulnerability in SAML | < 1 Hr. | | 653 | PRO |
| Recon 24<br>In this challenge, you need to look for a file named key.txt in the place used to serve the assets for the main website | < 1 Hr. | | 5452 | FREE |
| Recon 26<br>In this challenge, you need to look for a key in the JavaScript used by the website | < 1 Hr. | | 5156 | FREE |
| SSRF via FFMPEG<br>This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide | < 1 Hr. | | 257 | PRO |
| Code Review 17<br>This exercise is one of our challenges to help you learn how to review real source code | 1-2 Hr. | | 411 | PRO |
| Recon 22<br>In this challenge, you need to look in repo9 for deleted files | < 1 Hr. | | 5153 | FREE |
| SAML: SAMLResponse forwarding<br>This exercise covers how to pass the SAMLResponse from one Service Provider to another | < 1 Hr. | | 536 | PRO |
| CGI and Signature<br>This exercise covers the exploitation of a vulnerable CGI. | < 1 Hr. | | 237 | PRO |
| Recon 17<br>In this challenge, you need to look at the name of the developer used in the repository test1 | < 1 Hr. | | 5827 | FREE |
| Recon 18<br>In this challenge, you need to look at the public repository of the developers in the organisation | < 1 Hr. | | 5514 | FREE |
| Recon 19<br>In this challenge, you need to look at the email addresses used for commits in the repository repo7 | < 1 Hr. | | 5195 | FREE |
| Code Review 15<br>This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 506 | PRO |
| Code Review 14<br>This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 532 | PRO |
| CVE-2020-14343: PyYAML unsafe loader<br>This exercise covers how you can gain code execution when an application uses a vulnerable version of PyYAML and relies on load() | < 1 Hr. | | 343 | PRO |
| OAuth2: State Fixation<br>This exercise covers the exploitation of a state fixation in an OAuth2 Client | 1-2 Hr. | | 420 | PRO |
| CVE-2020-7115: Aruba Clearpass RCE<br>This exercise covers a remote command execution issue in Aruba Clearpass | < 1 Hr. | | 225 | PRO |
| Code Review 12<br>This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 571 | PRO |
| Recon 16<br>In this challenge, you need to find the version of Bind used | < 1 Hr. | | 5731 | FREE |
| EDDSA vulnerability in Monocypher [Crypto]<br>This exercise covers the exploitation of a vulnerability impacting Monocypher. | < 1 Hr. | | 192 | PRO |
| Code Review 10<br>This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 491 | PRO |
| Unicode and NFKC<br>This exercise covers how to leverage Unicode to exploit a directory traversal | < 1 Hr. | | 329 | PRO |
| SAML: Trusted Embedded Key<br>This exercise covers the exploitation of a Service Provider (SP) that doesn't check the certificate provided in the SAMLResponse | < 1 Hr. | | 539 | PRO |
| Recon 08<br>This exercise covers aliases in TLS certificates | < 1 Hr. | | 10016 | FREE |

Showing 121–150 of 260 exercises