Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
Intercept 02
This exercise covers how to intercept an HTTPs connection.
|
< 1 Hr. |  |
1667 | PRO |
|
|
Intercept 01
This exercise covers how to intercept an HTTP connection.
|
1-2 Hr. |  |
1841 | PRO |
|
|
Struts devMode
This exercise covers how to get code execution when a Struts application is running in devMode
|
-- | |
0 | PRO |
|
|
JSON Web Token None Algorithm
JWT
This exercise covers the exploitation of a signature weakness in a JWT library.
|
< 1 Hr. | |
10127 | PRO |
|
API to Shell
API
This exercise covers the exploitation of PHP type confusion to bypass a signature and the exploitation of unserialize.
|
2-4 Hr. |  |
3513 | PRO |
|
|
Cross-Origin Resource Sharing
This exercise covers Cross-Origin Resource Sharing and how it can be used to bypass CSRF protection if it's misconfigured
|
-- | |
0 | PRO |
|
|
Pickle Code Execution
This exercise covers the exploitation of Python's pickle when used to deserialize untrusted data
|
< 1 Hr. | |
6491 | PRO |
Showing 91–97 of 97 exercises
Free Labs of the Month
