Authentication / Authorization Badge
145 Completed | 46 Videos | 21 Exercises
Easy
OAuth2: Authorization Server CSRF
This exercise covers the exploitation of a CSRF in the Authorization server
2 videos
Completed by 960 students
Takes 1-2 Hrs. on average
Ruby-On-Rails
CWE-352
Easy
SAML: Introduction
This exercise covers the exploitation of a signature stripping vulnerability in SAML
3 videos
Completed by 2274 students
Takes < 1 Hr. on average
RoR
Easy
SAML: Comment Injection
This exercise covers the exploitation of a comment injection vulnerability in SAML
2 videos
Completed by 1289 students
Takes < 1 Hr. on average
Ruby on Rails
Easy
SAML: Signature Stripping
This exercise covers the exploitation of a signature stripping vulnerability in SAML
3 videos
Completed by 1660 students
Takes < 1 Hr. on average
RoR
Medium
OAuth2: Client CSRF
This exercise covers the exploitation of a CSRF in the OAuth2 Client
2 videos
Completed by 827 students
Takes < 1 Hr. on average
Ruby-On-Rails
CWE-352
Medium
OAuth2: Client CSRF II
This exercise covers the exploitation of a CSRF in the OAuth2 Client
2 videos
Completed by 411 students
Takes 2-4 Hrs. on average
Ruby-On-Rails
CWE-352
Medium
SAML: Known Key
This exercise covers the exploitation of a known key in SAML
3 videos
Completed by 409 students
Takes 1-2 Hrs. on average
Ruby on Rails
Medium
SAML: Trusted Embedded Key
This exercise covers the exploitation of a service provider (SP) that doesn't check the certificate provided in the SAMLResponse
2 videos
Completed by 395 students
Takes < 1 Hr. on average
Ruby on Rails
Medium
SAML: SAMLResponse forwarding
This exercise covers how one can pass the SAMLResponse from one Service Provider to another Service Provider.
1 video
Completed by 370 students
Takes < 1 Hr. on average
Ruby on Rails
Medium
OAuth2: State Fixation
This exercise covers the exploitation of a state fixation in the OAuth2 Client
2 videos
Completed by 311 students
Takes 1-2 Hrs. on average
Ruby-On-Rails
Medium
SAML: Comment Injection II
This exercise covers the exploitation of a comment injection vulnerability in SAML
3 videos
Completed by 427 students
Takes < 1 Hr. on average
Ruby on Rails
Medium
OAuth2: Authorization Server XSS
This exercise covers the exploitation of an XSS in the Authorization server
2 videos
Completed by 267 students
Takes < 1 Hr. on average
Ruby-On-Rails
Medium
OAuth2: Authorization Server OpenRedirect
This exercise covers the exploitation of an OpenRedirect in the Authorization Server
3 videos
Completed by 841 students
Takes < 1 Hr. on average
Ruby-On-Rails
Medium
OAuth2: Client OpenRedirect
This exercise covers the exploitation of an OpenRedirect in the OAuth2 Client
2 videos
Completed by 727 students
Takes < 1 Hr. on average
Ruby-On-Rails
Hard
OAuth2: Github HTTP HEAD
This exercise covers the exploitation of the HTTP HEAD issue impacting GitHub in 2019
2 videos
Completed by 394 students
Takes 1-2 Hrs. on average
Ruby-On-Rails
Hard
OAuth2: Client Server XSS
This exercise covers the exploitation of a Cross-Site Scripting vulnerability in the OAuth2 Client Server
2 videos
Completed by 298 students
Takes 1-2 Hrs. on average
Ruby-On-Rails
Hard
OAuth2: Predictable State
This exercise covers the exploitation of predictable state in the OAuth2 Client
2 videos
Completed by 235 students
Takes 2-4 Hrs. on average
Ruby-On-Rails
Hard
OAuth2: Predictable State II
This exercise covers the exploitation of predictable state in the OAuth2 Client
2 videos
Completed by 217 students
Takes 1-2 Hrs. on average
Ruby-On-Rails
Hard
SAML: Signature Wrapping
This exercise covers how one can use Signature Wrapping to become arbitrary users.
2 videos
Completed by 411 students
Takes < 1 Hr. on average
Ruby on Rails
Hard
SAML: Signature Wrapping II
This exercise covers how one can use Signature Wrapping to become arbitrary users.
2 videos
Completed by 321 students
Takes < 1 Hr. on average
Ruby on Rails
Hard
OAuth2: Authorization Server XSS II
This exercise covers the exploitation of an XSS in the Authorization server
2 videos
Completed by 210 students
Takes < 1 Hr. on average
Ruby-On-Rails