Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
Recon 22
In this challenge, you need to look in repo9 for deleted files
|
< 1 Hr. |  |
4998 | FREE |
|
|
Recon 23
In this challenge, you need to look for sensitive information in commit messages
|
< 1 Hr. |  |
4975 | FREE |
|
SAML: SAMLResponse forwarding
This exercise covers how to pass the SAMLResponse from one Service Provider to another
|
< 1 Hr. | |
523 | PRO |
|
|
CGI and Signature
This exercise covers the exploitation of a vulnerable CGI.
|
< 1 Hr. | |
231 | PRO |
|
|
Recon 17
In this challenge, you need to look at the name of the developer used in the repository test1
|
< 1 Hr. | |
5661 | FREE |
|
|
Recon 18
In this challenge, you need to look at the public repository of the developers in the organisation
|
< 1 Hr. | |
5348 | FREE |
|
|
Recon 19
In this challenge, you need to look at the email addresses used for commits in the repository repo7
|
< 1 Hr. | |
5031 | FREE |
|
Code Review 15
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
413 | PRO |
|
|
Code Review 14
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
435 | PRO |
|
CVE-2020-14343: PyYAML unsafe loader
This exercise covers how you can gain code execution when an application use a vulnerable version of PyYAML and relies on load()
|
< 1 Hr. | |
316 | PRO |
|
|
OAuth2: State Fixation
This exercise covers the exploitation of a state fixation in an OAuth2 Client
|
1-2 Hr. | |
413 | PRO |
|
|
Code Review 13
This exercise is one of our challenges to help you learn how to review real source code
|
1-2 Hr. |  |
343 | PRO |
|
|
CVE-2020-7115: Aruba Clearpass RCE
This exercise covers a remote command execution issue on Aruba Clearpass RCE
|
< 1 Hr. | |
220 | PRO |
|
|
Code Review 12
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
473 | PRO |
|
|
OAuth2: Predictable State II
This exercise covers the exploitation of a predictable state in an OAuth2 Client
|
1-2 Hr. | |
277 | PRO |
|
|
Recon 13
In this challenge, you need to find the TXT record linked to key.z.hackycorp.com
|
< 1 Hr. | |
6617 | FREE |
|
|
Recon 14
In this challenge, you need to find a TXT record by doing a zone transfer on z.hackycorp.com
|
< 1 Hr. | |
5933 | FREE |
|
|
Recon 15
In this challenge, you need to find a TXT record by doing a zone transfer on the internal zone "int"
|
< 1 Hr. | |
5400 | FREE |
|
|
Recon 16
In this challenge, you need to find the version of Bind used
|
< 1 Hr. | |
5562 | FREE |
|
|
EDDSA vulnerability in Monocypher
Crypto
This exercise covers the exploitation of a vulnerability impacting Monocypher.
|
< 1 Hr. | |
185 | PRO |
|
|
Code Review 11
This exercise is one of our challenges to help you learn how to review real source code
|
2-4 Hr. | |
298 | PRO |
|
|
OAuth2: Predictable State
This exercise covers the exploitation of a predictable state in an OAuth2 Client
|
2-4 Hr. | |
299 | PRO |
|
|
Code Review 10
This exercise is one of our challenges to help you learn how to review real source code
|
< 1 Hr. | |
397 | PRO |
|
|
Recon 11 | < 1 Hr. | |
6035 | FREE |
|
|
Recon 12 | < 1 Hr. | |
6592 | FREE |
|
|
Unicode and NFKC
This exercise covers how to leverage unicode to exploit a directory traversal
|
< 1 Hr. | |
316 | PRO |
|
|
SAML: Trusted Embedded Key
This exercise covers the exploitation of a Service Provider (SP) that doesn't check the certificate provided in the SAMLResponse
|
< 1 Hr. | |
509 | PRO |
|
|
Recon 06
This exercise covers default vhost
|
< 1 Hr. | |
11758 | FREE |
|
|
Recon 07
This exercise covers default TLS vhost
|
< 1 Hr. | |
10681 | FREE |
|
|
Recon 08
This exercise covers aliases in TLS certificates
|
< 1 Hr. | |
9370 | FREE |
Showing 391–420 of 692 exercises
Free Labs of the Month
