This badge is an extension of the yellow badge and covers complex attacks
- Java/Struts
- Completed by 330 students
S2-052
This exercise covers the exploitation of the Struts S2-052 vulnerability
- Completed by 309 students
JWT VII
This exercise covers the exploitation of a website using JWT for session without verifying the signature
- 1 video
- Completed by 381 students
Git Information Leak
This exercise details how to retrieve information from an exposed .git directory on a web server
- Completed by 246 students
Git Information Leak II
This exercise details how to retrieve information from an exposed .git directory on a web server. This time, the directly listing is disabled
- 1 video
- Completed by 128 students
CBC-MAC II
This exercise covers the exploitation of an application using CBC-MAC when an attacker has control over the IV
- 1 video
- Completed by 133 students
CVE-2018-0114
This exercise details the exploitation of a vulnerability in Cisco's node-jose, a JavaScript library created to manage JWT