Blue Badge
This badge is an extension of the yellow badge and covers complex attacks
11
Exercises
145
Completed this badge
13
CPEs
S2-052
This exercise covers the exploitation of the Struts S2-052 vulnerability
Difficulty: EASY- Java/Struts
- Completed by 409 students
- Takes Less than an hour on average
JWT VII
This exercise covers the exploitation of a website using JWT for session without verifying the signature
Difficulty: EASY- Completed by 407 students
- Takes Less than an hour on average
Git Information Leak
This exercise details how to retrieve information from an exposed .git directory on a web server
Difficulty: EASY- 1 video
- Completed by 482 students
- Takes Less than an hour on average
Git Information Leak II
This exercise details how to retrieve information from an exposed .git directory on a web server. This time, the directly listing is disabled
Difficulty: EASY- Completed by 322 students
- Takes Less than an hour on average
CBC-MAC II
This exercise covers the exploitation of an application using CBC-MAC when an attacker has control over the IV
Difficulty: MEDIUM- 1 video
- Completed by 183 students
- Takes Between 1 and 2 hours on average
CVE-2018-0114
This exercise details the exploitation of a vulnerability in Cisco's node-jose, a JavaScript library created to manage JWT
Difficulty: HARD- 1 video
- Completed by 193 students
- Takes Between 2 and 4 hours on average