Sign in Create Account

Exercises

Exercise Avg. Time Difficulty Solved by Tier
Code Execution 03
This exercise is one of our challenges on Code Execution
 < 1 Hr. medium 13251 PRO
Code Execution 04
This exercise is one of our challenges on Code Execution
 < 1 Hr. medium 12991 PRO
File Include 01
This exercise is one of our challenges on File Include vulnerabilities
 < 1 Hr. medium 11239 PRO
File Include 02
This exercise is one of our challenges on File Include vulnerabilities
 < 1 Hr. easy 10966 PRO
LDAP 01
This exercise is one of our challenges on vulnerabilities related to LDAP
 < 1 Hr. easy 10883 PRO
LDAP 02
This exercise is one of our challenges on vulnerabilities related to LDAP
 < 1 Hr. medium 10409 PRO
Authentication 04
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 18587 PRO
Authentication 01
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 20374 PRO
Authentication 02
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 19528 PRO
Authentication 03
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 18948 PRO
Authorization 01
This exercise is one of our challenges on Authorisation issues
 < 1 Hr. easy 18009 PRO
Authorization 02
This exercise is one of our challenges on Authorisation issues
 < 1 Hr. easy 17593 PRO
Code Execution 01
This exercise is one of our challenges on Code Execution
 < 1 Hr. easy 14877 PRO
CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
 < 1 Hr. medium 3801 PRO
Cipher block chaining Crypto
This exercise details how to tamper with data encrypted using CBC
 1-2 Hr. medium 2977 PRO
Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
 < 1 Hr. medium 2819 PRO
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
 < 1 Hr. medium 3714 PRO
CVE-2014-4511: Gitlist RCE
This exercise explains how you can exploit a vulnerability published in 2014 in Gitlist.
 < 1 Hr. medium 13 FREE
ECDSA Crypto
This exercise covers the exploitation of a weakness in the usage of ECDSA
 2-4 Hr. hard 362 PRO
Werkzeug DEBUG
This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask
 < 1 Hr. medium 1619 PRO
Padding Oracle
This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data
 1-2 Hr. medium 849 FREE
Unickle
This challenge was written for Ruxcon CTF 2015. It's an SQL injection mixed with a remote code execution.
 1-2 Hr. hard 670 PRO
CVE-2015-3224
This exercise is a challenge written for Nullcon CTF in 2015
 < 1 Hr. medium 1632 PRO
Luhn
This challenge was written for Ruxcon CTF 2015. It's an SQL injection with a twist
 2-4 Hr. hard 627 PRO
Introduction 00
This exercise will guide you through the process of scoring on an exercise to get it marked as completed
 < 1 Hr. easy 31655 PRO
Introduction 01
This exercise will guide through the process of scoring an exercise to mark it as completed
 < 1 Hr. easy 30598 PRO
Introduction 02
This exercise will guide through the process of scoring an exercise to mark it as completed. Finding the key is just a little bit harder than the previous exercise.
 < 1 Hr. easy 30188 PRO
Introduction 03
This exercise will guide through the process of scoring an exercise to mark it as completed. However, this time, you will run commands on the underlying operating system. You will need to run the score command with your UUID.
 < 1 Hr. easy 29501 PRO
CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
 < 1 Hr. medium 4022 PRO
JWT Algorithm Confusion JWT
This exercise covers the exploitation of an issue with some implementations of JWT
 1-2 Hr. medium 3845 PRO
1 19 20 21 22 23 24
Showing 631–660 of 692 exercises