Penetration Testing, Security Code Review and Web App Security Exercises

Free PRO CVE Easy Medium Hard XSS Code Review API SSRF HTTP RECON CSRF SQLi

Exercise	Avg. Time	Solved by	Tier
OAuth2: Authorization Server XSS This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server	< 1 Hr.	397	PRO
SVG XSS This exercise covers how to use an SVG to trigger a Cross-Site-Scripting	< 1 Hr.	1896	PRO
XSS 09 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9411	PRO
XSS 10 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	8709	PRO
XSS 03 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	10728	PRO
XSS 05 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9936	PRO
XSS 06 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9829	PRO
XSS 07 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9660	PRO
XSS 08 XSS This exercise is one of our challenges on Cross-Site Scripting	< 1 Hr.	9503	PRO
XSS and MySQL FILE XSS This exercise explains how to exploit a Cross-Site Scripting vulnerability to obtain an administrator's cookies, and how you can use their session to gain access to the administration panel, and find a SQL injection to gain code execution	--	0	FREE

Showing 1–10 of 10 exercises