Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier |
|---|---|---|---|---|
| HTTP 12. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3697 | PRO |
| HTTP 13. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3613 | PRO |
| HTTP 14. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3619 | PRO |
| API 02 [API]. This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for. | < 1 Hr. | | 3010 | PRO |
| Express Local File Read. This exercise covers how an insecure call to render can be used to read local files with Express | < 1 Hr. | | 415 | PRO |
| OAuth2: Authorization Server XSS. This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server | < 1 Hr. | | 386 | PRO |
| HTTP 10. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3832 | PRO |
| HTTP 09. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3938 | PRO |
| HTTP 07. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4035 | PRO |
| HTTP 06. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4124 | PRO |
| HTTP 08. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4024 | PRO |
| HTTP 03. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4474 | PRO |
| HTTP 04. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4319 | PRO |
| HTTP 05. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4236 | PRO |
| HTTP 02. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4710 | PRO |
| HTTP 01. This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4964 | PRO |
| API 01 [API]. This exercise is the API version of an exercise you already solved in the Essential Badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for. | < 1 Hr. | | 3518 | PRO |
| JWT Algorithm Confusion with RSA Public Key Recovery [JWT]. This exercise covers the exploitation of algorithm confusion when no public key is available | < 1 Hr. | | 211 | PRO |
| SAML: Comment Injection II. This exercise covers the exploitation of a comment injection vulnerability in SAML | < 1 Hr. | | 617 | PRO |
| Recon 24. In this challenge, you need to look for a file named key.txt in the place used to serve the assets for the main website | < 1 Hr. | | 5277 | FREE |
| Recon 25. In this challenge, you need to look for a file named key2.txt in the place used to serve the assets for the main website | 1-2 Hr. | | 3216 | FREE |
| Recon 26. In this challenge, you need to look for a key in the JavaScript used by the website | < 1 Hr. | | 4980 | FREE |
| SSRF via FFMPEG. This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide | < 1 Hr. | | 255 | PRO |
| SAML: Signature Wrapping II. This exercise covers how to use Signature Wrapping to become an arbitrary user | < 1 Hr. | | 460 | PRO |
| RCE via argument injection. This exercise covers a remote command execution vulnerability via argument injection | 2-4 Hr. | | 57 | PRO |
| Code Review 16. This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 434 | PRO |
| Code Review 17. This exercise is one of our challenges to help you learn how to review real source code | 1-2 Hr. | | 320 | PRO |
| SAML: Signature Wrapping. This exercise covers how to use Signature Wrapping to become an arbitrary user | < 1 Hr. | | 558 | PRO |
| Recon 20. In this challenge, you need to look at the branches in repo3 | < 1 Hr. | | 5316 | FREE |
| Recon 21. In this challenge, you need to look at the information in the branches for repo4 | < 1 Hr. | | 5194 | FREE |

Showing 361–390 of 692 exercises