Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
XSS Include
XSS
This exercise covers how to use Cross-Site-Scripting Include to leak information
|
< 1 Hr. |  |
1378 | PRO |
|
OAuth2: Authorization Server CSRF
This exercise covers the exploitation of a CSRF in an OAuth2 Authorization Server
|
1-2 Hr. | |
1173 | PRO |
|
GraphQL Introspection
This exercise covers how to use introspection to get access to additional information in GraphQL.
|
< 1 Hr. | |
2448 | PRO |
|
|
Android 01
This exercise will guide you through the process of extracting simple information from an APK
|
< 1 Hr. | |
4034 | PRO |
|
|
SAML: Introduction
This exercise covers the exploitation of a signature stripping vulnerability in SAML
|
< 1 Hr. | |
2992 | PRO |
|
|
Introduction 00
This exercise will guide you through the process of scoring on an exercise to get it marked as completed
|
< 1 Hr. | |
31886 | PRO |
|
|
Introduction 01
This exercise will guide through the process of scoring an exercise to mark it as completed
|
< 1 Hr. | |
30814 | PRO |
|
|
Introduction 02
This exercise will guide through the process of scoring an exercise to mark it as completed. Finding the key is just a little bit harder than the previous exercise.
|
< 1 Hr. | |
30402 | PRO |
|
|
Introduction 03
This exercise will guide through the process of scoring an exercise to mark it as completed. However, this time, you will run commands on the underlying operating system. You will need to run the score command with your UUID.
|
< 1 Hr. | |
29705 | PRO |
|
|
Intercept 01
This exercise covers how to intercept an HTTP connection.
|
1-2 Hr. | |
1847 | PRO |
|
|
JSON Web Token None Algorithm
JWT
This exercise covers the exploitation of a signature weakness in a JWT library.
|
< 1 Hr. | |
10293 | PRO |
Showing 1–11 of 11 exercises
Free Labs of the Month
