Exercises

Exercise Avg. Time Difficulty Solved by Tier
CVE-2026-24895: FrankenPHP Path Confusion RCE using Unicode < 1 Hr. hard 15 PRO
SAML: CVE-2025-25291
This exercise covers the exploitation of CVE-2025-25291 (impacting ruby-saml)
2-4 Hr. hard 17 PRO
SAML: CVE-2025-29775 Signed Metadata
This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto) without XMLResponse
2-4 Hr. hard 13 PRO
SAML: CVE-2025-29775
This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto)
1-2 Hr. hard 20 PRO
JSON Web Token XV: CVE-2022-39227 JWT
This exercise covers the exploitation of a polyglot token against python_jwt (CVE-2022-39227)
< 1 Hr. hard 41 PRO
JWT Algorithm Confusion with ECDSA Public Key Recovery JWT
This exercise covers the exploitation of algorithm confusion when no public key is available with an ECDSA key
1-2 Hr. hard 42 PRO
OAuth2: Authorization Server XSS II
This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server
< 1 Hr. hard 285 PRO
JWT Algorithm Confusion with RSA Public Key Recovery JWT
This exercise covers the exploitation of algorithm confusion when no public key is available
< 1 Hr. hard 218 PRO
SAML: Signature Wrapping II
This exercise covers how to use Signature Wrapping to become an arbitrary user
< 1 Hr. hard 493 PRO
SAML: Signature Wrapping
This exercise covers how to use Signature Wrapping to become an arbitrary user
< 1 Hr. hard 597 PRO
OAuth2: Predictable State II
This exercise covers the exploitation of a predictable state in an OAuth2 Client
1-2 Hr. hard 280 PRO
OAuth2: Predictable State
This exercise covers the exploitation of a predictable state in an OAuth2 Client
2-4 Hr. hard 302 PRO
OAuth2: Client Server XSS
This exercise covers the exploitation of a Cross-Site Scripting vulnerability in an OAuth2 Client and Server
1-2 Hr. hard 381 PRO
OAuth2: GitHub HTTP HEAD
This exercise covers the exploitation of the HTTP HEAD issue impacting GitHub in 2019
< 1 Hr. hard 465 PRO
JWT XII JWT
This exercise covers how to use the x5u header to bypass an authentication based on JWT.
1-2 Hr. hard 702 PRO
JWT XI JWT
This exercise covers how to use the jku header to bypass an authentication based on JWT.
1-2 Hr. hard 695 PRO
JWT X JWT
This exercise covers how to use the jku header to bypass an authentication based on JWT.
< 1 Hr. hard 790 PRO
JWT IX JWT
This exercise covers how to use the jku header to bypass an authentication based on JWT.
< 1 Hr. hard 918 PRO
Gogs RCE II
This exercise covers how to get code execution against the self-hosted Git tool Gogs.
< 1 Hr. hard 616 PRO
JWT VIII JWT
This exercise covers how to use the jku header to bypass an authentication based on JWT.
1-2 Hr. hard 995 PRO
Gogs RCE
This exercise covers how to get code execution against the self-hosted Git tool Gogs.
1-2 Hr. hard 689 PRO
Android 07
This exercise will guide you through the process of reversing simple obfuscated Android code to recover the encrypted data
1-2 Hr. hard 1493 PRO
Android 08
This exercise will guide you through the process of reversing simple obfuscated Android code to recover the encrypted data
1-2 Hr. hard 1416 PRO
Android 06
This exercise will guide you through the process of reversing simple obfuscated Android code to recover the encrypted data
< 1 Hr. hard 1743 PRO
From SQL injection to Shell III SQL Injection
This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick
1-2 Hr. hard 1148 PRO
IDOR to Shell
This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application
1-2 Hr. hard 1083 PRO
ECDSA Crypto
This exercise covers the exploitation of a weakness in the usage of ECDSA
2-4 Hr. hard 369 PRO
Unickle
This challenge was written for Ruxcon CTF 2015. It's an SQL injection mixed with a remote code execution.
1-2 Hr. hard 683 PRO
Luhn
This challenge was written for Ruxcon CTF 2015. It's an SQL injection with a twist
2-4 Hr. hard 632 PRO
CVE-2014-1266
This exercise covers how to intercept an HTTPS connection
1-2 Hr. hard 1078 PRO
Showing 1–30 of 32 exercises