Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
| HTTP 20<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3438 | PRO | |
| HTTP 18<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3496 | PRO | |
| HTTP 19<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3484 | PRO | |
| HTTP 17<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3510 | PRO | |
| CVE-2020-17xx8<br>This challenge covers the review of a CVE and its patch | < 1 Hr. | | 755 | PRO | |
| CVE-2021-22204: Exiftool RCE<br>This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files | 1-2 Hr. | | 181 | PRO | |
| SSRF via FFMPEG II<br>This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide | < 1 Hr. | | 134 | PRO | |
| API 03<br>API<br>This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for. | < 1 Hr. | | 2511 | PRO | |
| CVE-2020-11xxx<br>This challenge covers the review of a CVE and its patch | < 1 Hr. | | 775 | PRO | |
| OAuth2: Authorization Server XSS II<br>This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server | < 1 Hr. | | 285 | PRO | |
| HTTP 11<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3807 | PRO | |
| HTTP 15<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3656 | PRO | |
| HTTP 12<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3756 | PRO | |
| HTTP 13<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3671 | PRO | |
| HTTP 14<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3677 | PRO | |
| API 02<br>API<br>This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for. | < 1 Hr. | | 3177 | PRO | |
| Express Local File Read<br>This exercise covers how an insecure call to render can be used to read local files with Express | < 1 Hr. | | 440 | PRO | |
| OAuth2: Authorization Server XSS<br>This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server | < 1 Hr. | | 397 | PRO | |
| HTTP 10<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3893 | PRO | |
| HTTP 09<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 3999 | PRO | |
| HTTP 07<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4094 | PRO | |
| HTTP 06<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4183 | PRO | |
| HTTP 08<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4083 | PRO | |
| HTTP 03<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4537 | PRO | |
| HTTP 04<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4377 | PRO | |
| HTTP 05<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4294 | PRO | |
| HTTP 02<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 4774 | PRO | |
| HTTP 01<br>This challenge covers how to send specific HTTP requests | < 1 Hr. | | 5032 | PRO | |
| API 01<br>API<br>This exercise is the API version of an exercise you already solved in the Essential Badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for. | < 1 Hr. | | 3703 | PRO | |
| JWT Algorithm Confusion with RSA Public Key Recovery<br>JWT<br>This exercise covers the exploitation of algorithm confusion when no public key is available | < 1 Hr. | | 218 | PRO | |

Showing 391–420 of 734 exercises