Login
Register
Introduction 00 (next)
Course
Videos
Scoring
Introduction Badge
Introduction Badge (next)
Badges
Introduction
0 / 4
Unix
0 / 35
Essential
0 / 60
PCAP badge
0 / 35
HTTP
0 / 43
White
0 / 6
Serialize
0 / 5
Yellow
0 / 7
Blue
0 / 11
Green
0 / 16
Orange
0 / 15
Intercept
0 / 5
Authentication / Authorization
0 / 21
Android
0 / 8
Capture-The-Flag
0 / 6
Brown
0 / 26
Recon
0 / 27
API
0 / 19
Media
0 / 18
Code Review
0 / 107
Java Serialize
0 / 11
Java Code Review
0 / 30
Login
Register
Serialize Badge
2940
Completed
11
Videos
5
Exercises
Easy
XMLDecoder
This exercise covers the exploitation of an application using XMLDecoder
1 video
Completed by 4775 students
Takes Less than an hour on average
Java
Easy
CVE-2016-0792
This exercise covers the exploitation of an Xstream vulnerability in Jenkins
1 video
Completed by 4274 students
Takes Less than an hour on average
Java/Tomcat
CWE-20
Medium
ObjectInputStream
This exercise covers the exploitation of a call to readObject in a Spring application
1 video
Completed by 3890 students
Takes Less than an hour on average
Java
Medium
CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
2 videos
Completed by 3621 students
Takes Less than an hour on average
Rails
CWE-20
Hard
API to Shell
This exercise covers the exploitation of PHP type confusion to bypass a signature and the exploitation of unserialize.
6 videos
Completed by 3105 students
Takes Between 2 and 4 hours on average
PHP/Apache/Mysql
API
CWE-502,CWE-310
