Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2022-4504x
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. |  |
233 | PRO |
|
|
CVE-2006-6X6X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
191 | PRO |
|
|
CVE-2011-XX61
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
173 | PRO |
|
|
CVE-2007-546X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
186 | PRO |
|
Java Serialize 03
This exercise is one of our challenges to help you learn Java Serialisation exploitation
|
< 1 Hr. |  |
152 | PRO |
|
|
Java Serialize 02
This exercise is one of our challenges to help you learn Java Serialisation exploitation
|
< 1 Hr. | |
184 | PRO |
|
|
CVE-2014-7X09
This challenge covers the review of a CVE in a Java codebase and its patch
|
1-2 Hr. | |
247 | PRO |
|
|
CVE-2018-XX34
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
230 | PRO |
|
|
CVE-2020-9X8X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
293 | PRO |
|
|
CVE-2009-26X3
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
212 | PRO |
|
|
CVE-2022-X41X9
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
165 | PRO |
|
|
CVE-2012-5XX3
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
180 | PRO |
|
|
CVE-2022-357X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
195 | PRO |
|
|
CVE-2023-30XX1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
215 | PRO |
|
|
CVE-2023-2X8X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
208 | PRO |
|
SAML: PySAML2 SSRF
This exercise covers the exploitation of a SSRF in PySAML2
|
< 1 Hr. | |
277 | PRO |
|
|
CVE-2022-378xx
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
392 | PRO |
|
|
CVE-2022-x0x09
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
228 | PRO |
|
|
CVE-2018-8x14
This challenge covers the review of a CVE in a Java codebase and its patch
|
2-4 Hr. | |
158 | PRO |
|
|
JWT Algorithm Confusion with ECDSA Public Key Recovery
JWT
This exercise covers the exploitation of algorithm confusion when no public key is available with a ECDSA key
|
1-2 Hr. |  |
42 | PRO |
|
|
CVE-2022-458X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
237 | PRO |
|
|
CVE-2015-3XX0
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
180 | PRO |
|
|
CVE-2014-X80X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
198 | PRO |
|
SAML: CVE-2021-21239
This exercise covers the exploitation of CVE-2021-21239 (PySAML2)
|
1-2 Hr. | |
128 | PRO |
|
|
CVE-2023-2XX61
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
201 | PRO |
|
|
CVE-2023-2XX60
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
190 | PRO |
|
|
CVE-2022-393XX
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
195 | PRO |
|
|
SAML: Malicious IDP
This exercise covers the creation of a malicious IDP to forge an assertion
|
2-4 Hr. | |
80 | PRO |
|
|
DOMPDF RCE IV
This exercise covers the automation of the exploitation of a vulnerability in the DOMPDF library
|
> 4 Hr. | |
29 | PRO |
|
|
SAML: Signature Wrapping III
This exercise covers the exploitation of a Signature Wrapping Issue in passport-saml (CVE-2022-39299)
|
1-2 Hr. | |
184 | PRO |
Showing 211–240 of 734 exercises
Free Labs of the Month
