Exercises

Exercise Avg. Time Difficulty Solved by Tier
Mongo IDOR IV 2-4 Hr. hard 88 PRO
Mongo IDOR III < 1 Hr. medium 200 PRO
CVE-2024-X5X87
This challenge covers the review of a CVE in a go codebase and its patch
-- hard 82 PRO
API JWT REVOCATION JWT
This exercise covers how to bypass a weak JWT Revocation Mechanism.
< 1 Hr. easy 413 PRO
CVE-2022-XX975
This challenge covers the review of a CVE in a Go codebase and its patch
< 1 Hr. hard 87 PRO
Puzzle 06
Leverage a weak implementation of lowercase to access arbitrary files
< 1 Hr. hard 20 PRO
Puzzle 07
Leverage a weak implementation of lowercase to access arbitrary files
1-2 Hr. hard 20 PRO
API 18
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. medium 497 PRO
API 19
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. medium 486 PRO
API 20
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. medium 466 PRO
API 16
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. medium 438 PRO
API 17
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. medium 408 PRO
GraphQL Authorization 01
This exercise covers a simple authorization issue in a GraphQL application.
< 1 Hr. easy 375 PRO
GraphQL Authorization 02
This exercise covers a simple authorization issue in a GraphQL application.
< 1 Hr. easy 386 PRO
Golang Code Review #03
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. easy 133 PRO
Golang Code Review #01
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. easy 173 PRO
CVE-2024-X90X6
This challenge covers the review of a CVE in a Golang codebase and its patch
< 1 Hr. hard 110 PRO
CVE-2022-X10X8
This challenge covers the review of a CVE in a Golang codebase and its patch
1-2 Hr. hard 131 PRO
CVE-2022-2X8XX
This challenge covers the review of a CVE in a Golang codebase and its patch
< 1 Hr. hard 144 PRO
ORM LEAK: SQLite
This exercise covers how to exploit an ORM leak vulnerability
1-2 Hr. medium 121 PRO
CVE-2024-2791X
This challenge covers the review of a CVE in a Golang codebase and its patch
2-4 Hr. hard 98 PRO
CVE-2023-51XX2
This challenge covers the review of a CVE in a Golang codebase and its patch
< 1 Hr. hard 112 PRO
CVE-2022-X87X
This challenge covers the review of a CVE in a Golang codebase and its patch
-- hard 109 PRO
ORM LEAK 02
This exercise covers how to exploit an ORM leak vulnerability
< 1 Hr. medium 192 PRO
Puzzle 05
Authentication Bypass using an SQL injection without or 1=1
1-2 Hr. hard 34 PRO
CVE-2024-X3X06
This challenge covers the review of a CVE in a Go codebase and its patch
< 1 Hr. hard 94 PRO
CVE-2023-X5821
This challenge covers the review of a CVE in a Go codebase and its patch
< 1 Hr. hard 88 PRO
CVE-2022-2X24X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. hard 205 PRO
CVE-2022-4x3x5
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. hard 155 PRO
CVE-2023-3X4X6
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. hard 182 PRO
1 2 3 4 5 6 7 24
Showing 91–120 of 713 exercises