Penetration Testing, Security Code Review and Web App Security Exercises

Free PRO CVE Easy Medium Hard XSS Code Review API SSRF HTTP RECON CSRF SQLi

Exercise	Avg. Time	Solved by	Tier
OAuth2: Authorization Server XSS This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server	< 1 Hr.	386	PRO
SVG XSS This exercise covers how to use an SVG to trigger a Cross-Site-Scripting	< 1 Hr.	1827	PRO
XSS 09 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9181	PRO
XSS 10 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	8468	PRO
XSS 03 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	10387	PRO
XSS 05 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9646	PRO
XSS 06 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9541	PRO
XSS 07 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9416	PRO
XSS 08 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9268	PRO
XSS and MySQL FILE XSS This exercise explains how to exploit a Cross-Site Scripting vulnerability to obtain an administrator's cookies, and how you can use their session to gain access to the administration panel, and find a SQL injection to gain code execution	--	0	FREE

Showing 1–10 of 10 exercises