Login
Register
Introduction 00 (next)
Course
Videos
Scoring
Introduction Badge
Introduction Badge (next)
Badges
Introduction Badge
Unix Badge
Essential Badge
PCAP badge
White Badge
Serialize Badge
Yellow Badge
Blue Badge
Green Badge
Orange Badge
Intercept Badge
Authentication / Authorization Badge
Android Badge
Capture-The-Flag Badge
Brown Badge
Recon Badge
API Badge
Code Review Badge
Java Serialize Badge
HTTP Badge
Login
Register
White Badge
3573
Completed
6
Exercises
Easy
CVE-2014-6271/Shellshock
This exercise covers the exploitation of a Bash vulnerability through a CGI.
1 video
Completed by 5988 students
Takes Less than an hour on average
CGI/Apache/Bash
Easy
JSON Web Token
This exercise covers the exploitation of a signature weakness in a JWT library.
2 videos
Completed by 6494 students
Takes Less than an hour on average
PHP/Apache/Mysql
Easy
From SQL Injection to Shell
This exercise explains how you can, from a SQL injection, gain access to the administration console, then in the administration console, how you can run commands on the system.
1 video
Completed by 5483 students
Takes Less than an hour on average
PHP/Apache/Mysql
Easy
CVE-2007-1860: mod_jk double-decoding
This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
2 videos
Completed by 4111 students
Takes Between 1 and 2 hours on average
Tomcat/Apache
Easy
Pickle Code Execution
This exercise covers the exploitation of Python's pickle when used to deserialize untrusted data
2 videos
Completed by 4266 students
Takes Less than an hour on average
Python
Medium
Electronic Code Book
This exercise explains how you can tamper with an encrypted cookies to access another user's account.
2 videos
Completed by 3915 students
Takes Between 1 and 2 hours on average
PHP/Apache
