Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict
This exercise covers the exploitation of HTTPoxy against an old version of Golang
|
< 1 Hr. |  |
939 | PRO |
|
Unix 31
This exercise is one of our challenges to help you learn more about Unix/Linux
|
< 1 Hr. | |
14228 | PRO |
|
|
Unix 30
This exercise is one of our challenges to help you learn more about Unix/Linux
|
< 1 Hr. | |
14254 | PRO |
|
|
CBC-MAC II
Crypto
This exercise covers the exploitation of an application using CBC-MAC when an attacker has control over the IV
|
1-2 Hr. | |
1763 | PRO |
|
|
JWT VI
JWT
This exercise covers the exploitation of an injection in the kid element of a JWT. This injection can be used to bypass the signature mechanism
|
< 1 Hr. | |
2587 | PRO |
|
|
CVE-2018-6574: go get RCE
This exercise covers a remote command execution in Golang's go get command.
|
< 1 Hr. | |
905 | PRO |
|
|
Unix 15
This exercise is one of our challenges to help you learn more about Unix/Linux
|
< 1 Hr. | |
16514 | PRO |
|
|
Unix 20
This exercise is one of our challenges to help you learn more about Unix/Linux
|
< 1 Hr. | |
15177 | PRO |
|
|
JWT V
JWT
This exercise covers the exploitation of a trivial secret used to sign JWT tokens.
|
< 1 Hr. | |
3067 | PRO |
|
|
JWT IV
JWT
This exercise covers the exploitation of a vulnerability similar to the recent CVE-2017-17405 impacting Ruby Net::FTP
|
< 1 Hr. | |
2736 | PRO |
|
|
JWT kid Injection
JWT
This exercise covers the exploitation of an issue in the usage of JWT token
|
1-2 Hr. | |
2960 | PRO |
|
|
Code Execution 09
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
10949 | PRO |
|
|
Server Side Template Injection 02
This exercise is one of our challenges on Server-Side Template Injection
|
< 1 Hr. | |
8638 | PRO |
|
|
Authorization 06
This exercise is one of our challenges on Authorisation issues
|
< 1 Hr. | |
15043 | PRO |
|
|
Code Execution 08
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
11045 | PRO |
|
|
Authorization 04
This exercise is one of our challenges on Authorisation issues
|
< 1 Hr. | |
16160 | PRO |
|
|
Authorization 05
This exercise is one of our challenges on Authorisation issues
|
< 1 Hr. | |
15444 | PRO |
|
|
Server Side Template Injection 01
This exercise is one of our challenges on Server-Side Template Injection
|
< 1 Hr. | |
8629 | PRO |
|
|
Code Execution 05
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
12592 | PRO |
|
|
Code Execution 07
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
12053 | PRO |
|
SQL Injection 06
SQL Injection
This exercise is one of our challenges on SQL Injections
|
< 1 Hr. | |
9499 | PRO |
|
|
XML Attacks 01
This exercise is one of our challenges on vulnerabilities related to XML processing
|
< 1 Hr. | |
9040 | PRO |
|
|
XML Attacks 02
This exercise is one of our challenges on vulnerabilities related to XML processing
|
< 1 Hr. | |
8649 | PRO |
|
|
SQL Injection 04
SQL Injection
This exercise is one of our challenges on SQL Injections
|
< 1 Hr. | |
10088 | PRO |
|
|
Command Execution 02
This exercise is one of our challenges on Command Execution
|
< 1 Hr. | |
11577 | PRO |
|
|
Open Redirect 01
This exercise is one of our challenges on Open Redirect
|
< 1 Hr. | |
10161 | PRO |
|
|
Open Redirect 02
This exercise is one of our challenges on Open Redirect
|
< 1 Hr. | |
9833 | PRO |
|
|
MongoDB Injection 01
This exercise is one of our challenges on vulnerabilities related to MongoDB
|
< 1 Hr. | |
10233 | PRO |
|
XSS 09
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9181 | PRO |
|
|
XSS 10
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
8468 | PRO |
Showing 181–210 of 250 exercises
Free Labs of the Month
