Login
Register
Introduction 00 (next)
Course
Videos
Scoring
Introduction Badge
Introduction Badge (next)
Badges
Introduction Badge
Unix Badge
Essential Badge
PCAP badge
White Badge
Serialize Badge
Yellow Badge
Blue Badge
Green Badge
Orange Badge
Intercept Badge
Authentication / Authorization Badge
Android Badge
Capture-The-Flag Badge
Brown Badge
Recon Badge
API Badge
Code Review Badge
Java Serialize Badge
Login
Register
White Badge
3399
Completed
6
Exercises
Easy
CVE-2014-6271/Shellshock
This exercise covers the exploitation of a Bash vulnerability through a CGI.
1 video
Completed by 5751 students
Takes Less than an hour on average
CGI/Apache/Bash
Easy
JSON Web Token
This exercise covers the exploitation of a signature weakness in a JWT library.
2 videos
Completed by 6209 students
Takes Less than an hour on average
PHP/Apache/Mysql
Easy
From SQL Injection to Shell
This exercise explains how you can, from a SQL injection, gain access to the administration console, then in the administration console, how you can run commands on the system.
1 video
Completed by 5254 students
Takes Less than an hour on average
PHP/Apache/Mysql
Easy
CVE-2007-1860: mod_jk double-decoding
This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
2 videos
Completed by 3924 students
Takes Between 1 and 2 hours on average
Tomcat/Apache
Easy
Pickle Code Execution
This exercise covers the exploitation of Python's pickle when used to deserialize untrusted data
2 videos
Completed by 4075 students
Takes Less than an hour on average
Python
Medium
Electronic Code Book
This exercise explains how you can tamper with an encrypted cookies to access another user's account.
2 videos
Completed by 3741 students
Takes Between 1 and 2 hours on average
PHP/Apache