Exercises
| Exercise | Description | Avg. Time | Difficulty | Solved by | Tier |
|---|---|---|---|---|---|
| Recon 22 | In this challenge, you need to look in repo9 for deleted files | < 1 Hr. | | 5092 | FREE |
| Recon 23 | In this challenge, you need to look for sensitive information in commit messages | < 1 Hr. | | 5070 | FREE |
| SAML: SAMLResponse forwarding | This exercise covers how to pass the SAMLResponse from one Service Provider to another | < 1 Hr. | | 526 | PRO |
| CGI and Signature | This exercise covers the exploitation of a vulnerable CGI. | < 1 Hr. | | 231 | PRO |
| Recon 17 | In this challenge, you need to look at the name of the developer used in the repository test1 | < 1 Hr. | | 5781 | FREE |
| Recon 18 | In this challenge, you need to look at the public repository of the developers in the organisation | < 1 Hr. | | 5447 | FREE |
| Recon 19 | In this challenge, you need to look at the email addresses used for commits in the repository repo7 | < 1 Hr. | | 5150 | FREE |
| Code Review 15 | This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 489 | PRO |
| Code Review 14 | This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 516 | PRO |
| CVE-2020-14343: PyYAML unsafe loader | This exercise covers how you can gain code execution when an application uses a vulnerable version of PyYAML and relies on load() | < 1 Hr. | | 326 | PRO |
| OAuth2: State Fixation | This exercise covers the exploitation of a state fixation in an OAuth2 Client | 1-2 Hr. | | 416 | PRO |
| Code Review 13 | This exercise is one of our challenges to help you learn how to review real source code | 1-2 Hr. | | 424 | PRO |
| CVE-2020-7115: Aruba Clearpass RCE | This exercise covers a remote command execution issue on Aruba Clearpass RCE | < 1 Hr. | | 221 | PRO |
| Code Review 12 | This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 554 | PRO |
| OAuth2: Predictable State II | This exercise covers the exploitation of a predictable state in an OAuth2 Client | 1-2 Hr. | | 278 | PRO |
| Recon 13 | In this challenge, you need to find the TXT record linked to key.z.hackycorp.com | < 1 Hr. | | 6617 | FREE |
| Recon 14 | In this challenge, you need to find a TXT record by doing a zone transfer on z.hackycorp.com | < 1 Hr. | | 5933 | FREE |
| Recon 15 | In this challenge, you need to find a TXT record by doing a zone transfer on the internal zone "int" | < 1 Hr. | | 5400 | FREE |
| Recon 16 | In this challenge, you need to find the version of Bind used | < 1 Hr. | | 5562 | FREE |
| EDDSA vulnerability in Monocypher (Crypto) | This exercise covers the exploitation of a vulnerability impacting Monocypher. | < 1 Hr. | | 188 | PRO |
| Code Review 11 | This exercise is one of our challenges to help you learn how to review real source code | 2-4 Hr. | | 366 | PRO |
| OAuth2: Predictable State | This exercise covers the exploitation of a predictable state in an OAuth2 Client | 2-4 Hr. | | 300 | PRO |
| Code Review 10 | This exercise is one of our challenges to help you learn how to review real source code | < 1 Hr. | | 473 | PRO |
| Recon 11 | | < 1 Hr. | | 6035 | FREE |
| Recon 12 | | < 1 Hr. | | 6592 | FREE |
| Unicode and NFKC | This exercise covers how to leverage Unicode to exploit a directory traversal | < 1 Hr. | | 324 | PRO |
| SAML: Trusted Embedded Key | This exercise covers the exploitation of a Service Provider (SP) that doesn't check the certificate provided in the SAMLResponse | < 1 Hr. | | 529 | PRO |
| Recon 06 | This exercise covers default vhost | < 1 Hr. | | 11758 | FREE |
| Recon 07 | This exercise covers default TLS vhost | < 1 Hr. | | 10681 | FREE |
| Recon 08 | This exercise covers aliases in TLS certificates | < 1 Hr. | | 9370 | FREE |

Showing 421–450 of 722 exercises