Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
SQL Injection 06
SQL Injection
This exercise is one of our challenges on SQL Injections
|
< 1 Hr. |  |
9625 | PRO |
|
XML Attacks 01
This exercise is one of our challenges on vulnerabilities related to XML processing
|
< 1 Hr. | |
9249 | PRO |
|
|
XML Attacks 02
This exercise is one of our challenges on vulnerabilities related to XML processing
|
< 1 Hr. | |
8740 | PRO |
|
|
SQL Injection 04
SQL Injection
This exercise is one of our challenges on SQL Injections
|
< 1 Hr. | |
10236 | PRO |
|
|
Command Execution 02
This exercise is one of our challenges on Command Execution
|
< 1 Hr. | |
11706 | PRO |
|
|
Open Redirect 01
This exercise is one of our challenges on Open Redirect
|
< 1 Hr. | |
10267 | PRO |
|
|
Open Redirect 02
This exercise is one of our challenges on Open Redirect
|
< 1 Hr. | |
9937 | PRO |
|
|
MongoDB Injection 01
This exercise is one of our challenges on vulnerabilities related to MongoDB
|
< 1 Hr. | |
10339 | PRO |
|
XSS 09
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9431 | PRO |
|
|
XSS 10
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
8726 | PRO |
|
|
XSS 03
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
10753 | PRO |
|
|
XSS 05
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9957 | PRO |
|
|
XSS 06
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9850 | PRO |
|
|
XSS 07
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9682 | PRO |
|
|
XSS 08
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9522 | PRO |
|
|
Authentication 05
This exercise is one of our challenges on Authentication issues
|
< 1 Hr. | |
17914 | PRO |
|
|
Code Execution 03
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
13388 | PRO |
|
|
Code Execution 04
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
13123 | PRO |
|
|
File Include 01
This exercise is one of our challenges on File Include vulnerabilities
|
< 1 Hr. | |
11336 | PRO |
|
|
LDAP 02
This exercise is one of our challenges on vulnerabilities related to LDAP
|
< 1 Hr. | |
10509 | PRO |
|
CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
|
< 1 Hr. | |
3828 | PRO |
|
|
Cipher block chaining
Crypto
This exercise details how to tamper with data encrypted using CBC
|
1-2 Hr. | |
3015 | PRO |
|
|
Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
|
< 1 Hr. | |
2838 | PRO |
|
|
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
|
< 1 Hr. | |
3739 | PRO |
|
|
CVE-2014-4511: Gitlist RCE
This exercise explains how you can exploit a vulnerability published in 2014 in Gitlist.
|
< 1 Hr. | |
15 | FREE |
|
|
Werkzeug DEBUG
This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask
|
< 1 Hr. | |
1628 | PRO |
|
|
Padding Oracle
This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data
|
1-2 Hr. | |
855 | FREE |
|
|
CVE-2015-3224
This exercise is a challenge written for Nullcon CTF in 2015
|
< 1 Hr. | |
1643 | PRO |
|
|
CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
|
< 1 Hr. | |
4073 | PRO |
|
|
JWT Algorithm Confusion
JWT
This exercise covers the exploitation of an issue with some implementations of JWT
|
1-2 Hr. | |
3877 | PRO |
Showing 211–240 of 260 exercises
Free Labs of the Month
