Sign in Create Account

Exercises

Exercise Avg. Time Difficulty Solved by Tier
Code Execution 03
This exercise is one of our challenges on Code Execution
 < 1 Hr. medium 13293 PRO
Code Execution 04
This exercise is one of our challenges on Code Execution
 < 1 Hr. medium 13033 PRO
File Include 01
This exercise is one of our challenges on File Include vulnerabilities
 < 1 Hr. medium 11267 PRO
File Include 02
This exercise is one of our challenges on File Include vulnerabilities
 < 1 Hr. easy 10995 PRO
LDAP 01
This exercise is one of our challenges on vulnerabilities related to LDAP
 < 1 Hr. easy 10916 PRO
LDAP 02
This exercise is one of our challenges on vulnerabilities related to LDAP
 < 1 Hr. medium 10437 PRO
Authentication 04
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 18633 PRO
Authentication 01
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 20535 PRO
Authentication 02
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 19577 PRO
Authentication 03
This exercise is one of our challenges on Authentication issues
 < 1 Hr. easy 18993 PRO
Authorization 01
This exercise is one of our challenges on Authorisation issues
 < 1 Hr. easy 18111 PRO
Authorization 02
This exercise is one of our challenges on Authorisation issues
 < 1 Hr. easy 17632 PRO
Code Execution 01
This exercise is one of our challenges on Code Execution
 < 1 Hr. easy 14918 PRO
CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
 < 1 Hr. medium 3810 PRO
Cipher block chaining Crypto
This exercise details how to tamper with data encrypted using CBC
 1-2 Hr. medium 2986 PRO
Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
 < 1 Hr. medium 2826 PRO
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
 < 1 Hr. medium 3721 PRO
CVE-2014-4511: Gitlist RCE
This exercise explains how you can exploit a vulnerability published in 2014 in Gitlist.
 < 1 Hr. medium 13 FREE
ECDSA Crypto
This exercise covers the exploitation of a weakness in the usage of ECDSA
 2-4 Hr. hard 365 PRO
Werkzeug DEBUG
This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask
 < 1 Hr. medium 1620 PRO
Padding Oracle
This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data
 1-2 Hr. medium 850 FREE
Unickle
This challenge was written for Ruxcon CTF 2015. It's an SQL injection mixed with a remote code execution.
 1-2 Hr. hard 679 PRO
CVE-2015-3224
This exercise is a challenge written for Nullcon CTF in 2015
 < 1 Hr. medium 1634 PRO
Luhn
This challenge was written for Ruxcon CTF 2015. It's an SQL injection with a twist
 2-4 Hr. hard 627 PRO
Introduction 00
This exercise will guide you through the process of scoring on an exercise to get it marked as completed
 < 1 Hr. easy 31707 PRO
Introduction 01
This exercise will guide through the process of scoring an exercise to mark it as completed
 < 1 Hr. easy 30645 PRO
Introduction 02
This exercise will guide through the process of scoring an exercise to mark it as completed. Finding the key is just a little bit harder than the previous exercise.
 < 1 Hr. easy 30236 PRO
Introduction 03
This exercise will guide through the process of scoring an exercise to mark it as completed. However, this time, you will run commands on the underlying operating system. You will need to run the score command with your UUID.
 < 1 Hr. easy 29548 PRO
CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
 < 1 Hr. medium 4060 PRO
JWT Algorithm Confusion JWT
This exercise covers the exploitation of an issue with some implementations of JWT
 1-2 Hr. medium 3856 PRO
1 20 21 22 23 24 25
Showing 661–690 of 722 exercises