Green Badge

330 Completed
31 Videos
16 Exercises
Easy image for GraphQL Introspection

GraphQL Introspection

  • This exercise covers how to use introspection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1816 students
  • Takes Less than an hour on average
  • GraphQL/Node/Angular
Easy image for Ruby 2.x Universal RCE Deserialization Gadget Chain

Ruby 2.x Universal RCE Deserialization Gadget Chain

  • This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()
  • 1 video
  • Completed by 1116 students
  • Takes Less than an hour on average
  • Ruby/Sinatra
Easy image for GraphQL: SQL Injection

GraphQL: SQL Injection

  • This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1058 students
  • Takes Between 1 and 2 hours on average
  • GraphQL/Node/Angular/SQLite3
Medium image for CVE-2019-5420

CVE-2019-5420

  • This exercise details the exploitation of CVE-2019-5420 to forge a session as another user
  • 2 videos
  • Completed by 680 students
  • Takes Between 2 and 4 hours on average
  • Ruby-on-Rails
  • CWE-330
Hard image for From SQL injection to Shell III

From SQL injection to Shell III

  • This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick
  • 1 video
  • Completed by 872 students
  • Takes Between 1 and 2 hours on average
  • Ruby-on-Rails
  • SQL Injection
  • CWE-89
Hard image for Length Extension Attack

Length Extension Attack

  • This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability
  • 1 video
  • Completed by 557 students
  • Takes Between 1 and 2 hours on average
  • Ruby
Hard image for Gogs RCE

Gogs RCE

  • This exercise covers how to get code execution against the Git self hosted tool: Gogs.
  • 3 videos
  • Completed by 517 students
  • Takes Between 1 and 2 hours on average
  • Golang
  • CWE-384
Hard image for Gogs RCE II

Gogs RCE II

  • This exercise covers how to get code execution against the Git self hosted tool: Gogs.
  • 2 videos
  • Completed by 455 students
  • Takes Less than an hour on average
  • Golang
  • CWE-94
Hard image for JWT VIII

JWT VIII

  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 3 videos
  • Completed by 731 students
  • Takes Between 1 and 2 hours on average
  • Ruby/Sinatra
  • jwt
  • cwe-310
Hard image for JWT IX

JWT IX

  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 2 videos
  • Completed by 682 students
  • Takes Less than an hour on average
  • Ruby/Sinatra
  • jwt
  • cwe-310
Hard image for JWT XII

JWT XII

  • This exercise covers how to use the x5u header to bypass an authentication based on JWT.
  • 2 videos
  • Completed by 515 students
  • Takes Between 1 and 2 hours on average
  • Ruby/Sinatra
  • jwt
  • cwe-310
Hard image for cve-2019-5420 II

cve-2019-5420 II

  • This exercise details the exploitation of CVE-2019-5420 to gain code execution
  • 2 videos
  • Completed by 421 students
  • Takes Between 1 and 2 hours on average
Hard image for CVE-2019-5418

CVE-2019-5418

  • This exercise details the exploitation of CVE-2019-5418 to get code execution
  • 3 videos
  • Completed by 372 students
  • Takes Between 1 and 2 hours on average
  • CWE-22
Hard image for IDOR to Shell

IDOR to Shell

  • This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application
  • 2 videos
  • Completed by 801 students
  • Takes Between 1 and 2 hours on average
  • Ruby-on-Rails
  • CWE-639
Hard image for JWT X

JWT X

  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 2 videos
  • Completed by 583 students
  • Takes Less than an hour on average
  • Ruby/Sinatra
  • jwt
  • cwe-310
Hard image for JWT XI

JWT XI

  • This exercise covers how to use the jku header to bypass an authentication based on JWT.
  • 3 videos
  • Completed by 513 students
  • Takes Between 1 and 2 hours on average
  • Ruby/Sinatra
  • jwt
  • cwe-310