Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
Ruby Snippet #06
This challenge covers the review of a snippet of code written in Ruby
|
< 1 Hr. |  |
965 | PRO |
|
|
Ruby Snippet #07
This challenge covers the review of a snippet of code written in Ruby
|
< 1 Hr. | |
822 | PRO |
|
|
Ruby Snippet #08
This challenge covers the review of a snippet of code written in Ruby
|
< 1 Hr. | |
784 | PRO |
|
|
Ruby Snippet #09
This challenge covers the review of a snippet of code written in Ruby
|
< 1 Hr. |  |
738 | PRO |
|
HTTP 26
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3228 | PRO |
|
|
HTTP 27
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3151 | PRO |
|
|
HTTP 28
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3146 | PRO |
|
|
HTTP 29
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3053 | PRO |
|
|
HTTP 30
This challenge covers how to send specific HTTP requests
|
< 1 Hr. |  |
3094 | PRO |
|
|
CVE-2020-17xx7
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
1109 | PRO |
|
Ox Remote Code Execution
This exercise covers how you can gain code execution when an application is using Ox to deserialize data and is running on Ruby 2.3
|
2-4 Hr. | |
87 | PRO |
|
|
CVE-2020-9x9x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
865 | PRO |
|
|
HTTP 21
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3375 | PRO |
|
|
HTTP 22
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3338 | PRO |
|
|
HTTP 23
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3252 | PRO |
|
|
HTTP 24
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3250 | PRO |
|
|
HTTP 25
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3281 | PRO |
|
|
HTTP 16
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3479 | PRO |
|
|
HTTP 20
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3387 | PRO |
|
|
HTTP 18
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3441 | PRO |
|
|
HTTP 19
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3432 | PRO |
|
|
HTTP 17
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3453 | PRO |
|
|
CVE-2020-17xx8
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
656 | PRO |
|
CVE-2021-22204: Exiftool RCE
This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
|
1-2 Hr. | |
175 | PRO |
|
SSRF via FFMPEG II
This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide
|
< 1 Hr. | |
131 | PRO |
|
API 03
API
This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
|
< 1 Hr. | |
2449 | PRO |
|
|
CVE-2020-11xxx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
669 | PRO |
|
OAuth2: Authorization Server XSS II
This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server
|
< 1 Hr. | |
281 | PRO |
|
|
HTTP 11
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3748 | PRO |
|
|
HTTP 15
This challenge covers how to send specific HTTP requests
|
< 1 Hr. | |
3598 | PRO |
Showing 331–360 of 692 exercises
Free Labs of the Month
