Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
SQL Injection 06
SQL Injection
This exercise is one of our challenges on SQL Injections
|
< 1 Hr. |  |
9616 | PRO |
|
XML Attacks 01
This exercise is one of our challenges on vulnerabilities related to XML processing
|
< 1 Hr. | |
9237 | PRO |
|
|
XML Attacks 02
This exercise is one of our challenges on vulnerabilities related to XML processing
|
< 1 Hr. | |
8729 | PRO |
|
|
SQL Injection 04
SQL Injection
This exercise is one of our challenges on SQL Injections
|
< 1 Hr. | |
10225 | PRO |
|
|
Command Execution 02
This exercise is one of our challenges on Command Execution
|
< 1 Hr. | |
11695 | PRO |
|
|
Open Redirect 01
This exercise is one of our challenges on Open Redirect
|
< 1 Hr. | |
10254 | PRO |
|
|
Open Redirect 02
This exercise is one of our challenges on Open Redirect
|
< 1 Hr. | |
9924 | PRO |
|
|
MongoDB Injection 01
This exercise is one of our challenges on vulnerabilities related to MongoDB
|
< 1 Hr. | |
10326 | PRO |
|
XSS 09
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9411 | PRO |
|
|
XSS 10
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
8709 | PRO |
|
|
XSS 03
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
10728 | PRO |
|
|
XSS 05
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9936 | PRO |
|
|
XSS 06
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9829 | PRO |
|
|
XSS 07
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9660 | PRO |
|
|
XSS 08
XSS
This exercise is one of our challenges on Cross-Site Scripting
|
< 1 Hr. | |
9503 | PRO |
|
|
Authentication 05
This exercise is one of our challenges on Authentication issues
|
< 1 Hr. | |
17894 | PRO |
|
|
Code Execution 03
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
13372 | PRO |
|
|
Code Execution 04
This exercise is one of our challenges on Code Execution
|
< 1 Hr. | |
13106 | PRO |
|
|
File Include 01
This exercise is one of our challenges on File Include vulnerabilities
|
< 1 Hr. | |
11326 | PRO |
|
|
LDAP 02
This exercise is one of our challenges on vulnerabilities related to LDAP
|
< 1 Hr. | |
10497 | PRO |
|
CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
|
< 1 Hr. | |
3823 | PRO |
|
|
Cipher block chaining
Crypto
This exercise details how to tamper with data encrypted using CBC
|
1-2 Hr. | |
3013 | PRO |
|
|
Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
|
< 1 Hr. | |
2836 | PRO |
|
|
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
|
< 1 Hr. | |
3736 | PRO |
|
|
CVE-2014-4511: Gitlist RCE
This exercise explains how you can exploit a vulnerability published in 2014 in Gitlist.
|
< 1 Hr. | |
15 | FREE |
|
|
Werkzeug DEBUG
This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask
|
< 1 Hr. | |
1626 | PRO |
|
|
Padding Oracle
This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data
|
1-2 Hr. | |
854 | FREE |
|
|
CVE-2015-3224
This exercise is a challenge written for Nullcon CTF in 2015
|
< 1 Hr. | |
1641 | PRO |
|
|
CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
|
< 1 Hr. | |
4069 | PRO |
|
|
JWT Algorithm Confusion
JWT
This exercise covers the exploitation of an issue with some implementations of JWT
|
1-2 Hr. | |
3872 | PRO |
Showing 211–240 of 260 exercises
Free Labs of the Month
