Green Badge

357 Completed
31 Videos
16 Exercises
GraphQL Introspection

  • Difficulty: Easy
  • This exercise covers how to use introspection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1944 students
  • Takes < 1 Hr. on average
  • GraphQL/Node/Angular

Ruby 2.x Universal RCE Deserialization Gadget Chain

  • Difficulty: Easy
  • This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load().
  • 1 video
  • Completed by 1192 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra

GraphQL: SQL Injection

  • Difficulty: Easy
  • This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
  • 1 video
  • Completed by 1159 students
  • Takes 1-2 Hrs. on average
  • GraphQL/Node/Angular/SQLite3

CVE-2019-5420

  • Difficulty: Medium
  • This exercise details the exploitation of CVE-2019-5420 to forge a session as another user.
  • 2 videos
  • Completed by 727 students
  • Takes 2-4 Hrs. on average
  • Ruby-on-Rails
  • CWE-330

From SQL injection to Shell III

  • Difficulty: Hard
  • This exercise covers how to gain access to an administration interface using SQL injection, followed by how to get command execution using ImageTragick.
  • 1 video
  • Completed by 930 students
  • Takes 1-2 Hrs. on average
  • Ruby-on-Rails
  • SQL Injection
  • CWE-89

Length Extension Attack

  • Difficulty: Hard
  • This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability.
  • 1 video
  • Completed by 602 students
  • Takes 1-2 Hrs. on average
  • Ruby

Gogs RCE

  • Difficulty: Hard
  • This exercise covers how to get code execution against the self-hosted Git tool Gogs.
  • 3 videos
  • Completed by 551 students
  • Takes 1-2 Hrs. on average
  • Golang
  • CWE-384

Gogs RCE II

  • Difficulty: Hard
  • This exercise covers how to get code execution against the self-hosted Git tool Gogs.
  • 2 videos
  • Completed by 490 students
  • Takes < 1 Hr. on average
  • Golang
  • CWE-94

JWT VIII

  • Difficulty: Hard
  • This exercise covers how to use the jku header to bypass a JWT-based authentication.
  • 3 videos
  • Completed by 789 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • jwt
  • CWE-310

JWT IX

  • Difficulty: Hard
  • This exercise covers how to use the jku header to bypass a JWT-based authentication.
  • 2 videos
  • Completed by 735 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra
  • jwt
  • CWE-310

JWT XII

  • Difficulty: Hard
  • This exercise covers how to use the x5u header to bypass a JWT-based authentication.
  • 2 videos
  • Completed by 555 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • jwt
  • CWE-310

CVE-2019-5420 II

  • Difficulty: Hard
  • This exercise details the exploitation of CVE-2019-5420 to gain code execution.
  • 2 videos
  • Completed by 457 students
  • Takes 1-2 Hrs. on average

CVE-2019-5418

  • Difficulty: Hard
  • This exercise details the exploitation of CVE-2019-5418 to get code execution.
  • 3 videos
  • Completed by 404 students
  • Takes 1-2 Hrs. on average
  • CWE-22

IDOR to Shell

  • Difficulty: Hard
  • This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application.
  • 2 videos
  • Completed by 867 students
  • Takes 1-2 Hrs. on average
  • Ruby-on-Rails
  • CWE-639

JWT X

  • Difficulty: Hard
  • This exercise covers how to use the jku header to bypass a JWT-based authentication.
  • 2 videos
  • Completed by 631 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra
  • jwt
  • CWE-310

JWT XI

  • Difficulty: Hard
  • This exercise covers how to use the jku header to bypass a JWT-based authentication.
  • 3 videos
  • Completed by 555 students
  • Takes 1-2 Hrs. on average
  • Ruby/Sinatra
  • jwt
  • CWE-310