Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2023-2X8X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. |  |
208 | PRO |
|
|
CVE-2022-378xx
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. |  |
392 | PRO |
|
|
CVE-2022-x0x09
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
228 | PRO |
|
|
CVE-2018-8x14
This challenge covers the review of a CVE in a Java codebase and its patch
|
2-4 Hr. | |
158 | PRO |
|
|
CVE-2014-X80X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
198 | PRO |
|
|
CVE-2015-3XX0
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
180 | PRO |
|
|
CVE-2022-458X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
237 | PRO |
|
SAML: CVE-2021-21239
This exercise covers the exploitation of CVE-2021-21239 (PySAML2)
|
1-2 Hr. | |
128 | PRO |
|
|
CVE-2022-393XX
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
195 | PRO |
|
|
CVE-2023-2XX60
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
190 | PRO |
|
|
CVE-2023-2XX61
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
201 | PRO |
|
|
CVE-2021-22204: Exiftool RCE II
This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
|
< 1 Hr. | |
84 | PRO |
|
|
CVE-2022-39224
This exercise covers the exploitation of CVE-2022-39224
|
1-2 Hr. | |
106 | PRO |
|
|
CVE-2020-13xxx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
678 | PRO |
|
|
CVE-2008-5x8x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
851 | PRO |
|
|
CVE-2022-3x7x1
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
776 | PRO |
|
|
CVE-2019-5x2x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
621 | PRO |
|
|
CVE-2022-26xx9
This challenge covers a vulnerable snippet in a real Java application
|
< 1 Hr. | |
629 | PRO |
|
|
CVE-2008-5x8x_ii
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
649 | PRO |
|
|
CVE-2005-2x8x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. |  |
646 | PRO |
|
|
CVE-2022-21449
JWT
This exercise covers the exploitation of CVE-2022-21449 against a Java Application relying on JWT
|
< 1 Hr. | |
183 | PRO |
|
|
CVE-2021-33564 Argument Injection in Ruby Dragonfly
This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
|
< 1 Hr. | |
151 | PRO |
|
|
CVE-2021-45xx9
This challenge covers a vulnerable snippet in a real Python application
|
< 1 Hr. | |
790 | PRO |
|
|
CVE-2021-39x3x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
653 | PRO |
|
|
CVE-2022-21724: JDBC RCE PostgreSQL
This challenge covers how to gain code execution by leveraging a JDBC connection string with PostgreSQL
|
< 1 Hr. | |
194 | PRO |
|
|
CVE-2009-3x8x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
806 | PRO |
|
|
CVE-2021-381xx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
684 | PRO |
|
|
CVE-2008-4x9x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
756 | PRO |
|
|
CVE-2021-4379x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
755 | PRO |
|
|
CVE-2021-4xx50
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
840 | PRO |
Showing 121–150 of 188 exercises
Free Labs of the Month
