- GraphQL/Node/Angular
- Completed by 50 students
GraphQL Introspection
This exercise covers how to use introspection to get access to additional information in GraphQL.
- Ruby/Sinatra
- Completed by 36 students
Ruby 2.x Universal RCE Deserialization Gadget Chain
This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()
- GraphQL/Node/Angular/SQLite3
- Completed by 0 students
GraphQL: SQL Injection Coming soon
This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
- Ruby-on-Rails
- Completed by 29 students
From SQL injection to Shell III
This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick
- Ruby
- Completed by 0 students
Length Extension Attack Coming soon
This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability
- Golang
- Completed by 10 students
Gogs RCE
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
- Golang
- Completed by 3 students
Gogs RCE II
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
- Ruby/Sinatra
- Completed by 0 students
JWT XII Coming soon
This exercise covers how to use the jku header to bypass an authentication based on JWT.
- Ruby-on-Rails
- Completed by 19 students
IDOR to Shell
This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application
- Ruby/Sinatra
- Completed by 0 students
JWT X Coming soon
This exercise covers how to use the jku header to bypass an authentication based on JWT.
- Ruby/Sinatra
- Completed by 0 students
JWT XI Coming soon
This exercise covers how to use the jku header to bypass an authentication based on JWT.