Authentication / Authorization Badge
108 Completed
39 Videos
21 Exercises
Easy
OAuth2: Authorization Server CSRF
This exercise covers the exploitation of a CSRF in the Authorization server
2 videos
Completed by 857 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Easy
SAML: Introduction
This exercise covers the exploitation of a signature stripping vulnerability in SAML
2 videos
Completed by 2047 students
Takes Less than an hour on average
RoR
Easy
SAML: Comment Injection
This exercise covers the exploitation of a comment injection vulnerability in SAML
2 videos
Completed by 1112 students
Takes Less than an hour on average
Ruby on Rails
Easy
SAML: Signature Stripping
This exercise covers the exploitation of a signature stripping vulnerability in SAML
2 videos
Completed by 1484 students
Takes Less than an hour on average
RoR
Medium
OAuth2: Client CSRF
This exercise covers the exploitation of a CSRF in the OAuth2 Client
2 videos
Completed by 734 students
Takes Less than an hour on average
Ruby-On-Rails
Medium
OAuth2: Client CSRF II
This exercise covers the exploitation of a CSRF in the OAuth2 Client
2 videos
Completed by 355 students
Takes Between 2 and 4 hours on average
Ruby-On-Rails
Medium
SAML: Known Key
This exercise covers the exploitation of a known key in SAML
3 videos
Completed by 294 students
Takes Between 1 and 2 hours on average
Ruby on Rails
Medium
SAML: Trusted Embedded Key
This exercise covers the exploitation of a service provider (SP) that doesn't check the certificate provided in the SAMLResponse
2 videos
Completed by 301 students
Takes Less than an hour on average
Ruby on Rails
Medium
SAML: SAMLResponse forwarding
This exercise covers how one can pass the SAMLResponse from one Service Provider to another Service Provider.
Completed by 284 students
Takes Less than an hour on average
Ruby on Rails
Medium
OAuth2: State Fixation
This exercise covers the exploitation of a state fixation in the OAuth2 Client
2 videos
Completed by 259 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Medium
SAML: Comment Injection II
This exercise covers the exploitation of a comment injection vulnerability in SAML
2 videos
Completed by 329 students
Takes Less than an hour on average
Ruby on Rails
Medium
OAuth2: Authorization Server XSS
This exercise covers the exploitation of an XSS in the Authorization server
2 videos
Completed by 218 students
Takes Less than an hour on average
Ruby-On-Rails
Medium
OAuth2: Authorization Server OpenRedirect
This exercise covers the exploitation of an OpenRedirect in the Authorization Server
3 videos
Completed by 759 students
Takes Less than an hour on average
Ruby-On-Rails
Medium
OAuth2: Client OpenRedirect
This exercise covers the exploitation of an OpenRedirect in the OAuth2 Client
2 videos
Completed by 663 students
Takes Less than an hour on average
Ruby-On-Rails
Hard
OAuth2: Github HTTP HEAD
This exercise covers the exploitation of the HTTP HEAD issue impacting GitHub in 2019
2 videos
Completed by 353 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Hard
OAuth2: Client Server XSS
This exercise covers the exploitation of a Cross-Site Scripting in the OAuth2 Client Server
2 videos
Completed by 248 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Hard
OAuth2: Predictable State
This exercise covers the exploitation of predictable state in the OAuth2 Client
2 videos
Completed by 195 students
Takes Between 2 and 4 hours on average
Ruby-On-Rails
Hard
OAuth2: Predictable State II
This exercise covers the exploitation of predictable state in the OAuth2 Client
2 videos
Completed by 177 students
Takes Between 1 and 2 hours on average
Ruby-On-Rails
Hard
SAML: Signature Wrapping
This exercise covers how one can use Signature Wrapping to become arbitrary users.
1 video
Completed by 323 students
Takes Less than an hour on average
Ruby on Rails
Hard
SAML: Signature Wrapping II
This exercise covers how one can use Signature Wrapping to become arbitrary users.
Completed by 245 students
Takes Less than an hour on average
Ruby on Rails
Hard
OAuth2: Authorization Server XSS II
This exercise covers the exploitation of an XSS in the Authorization server
2 videos
Completed by 169 students
Takes Less than an hour on average
Ruby-On-Rails