The yellow badge is our second set of exercises. It covers a wide range of web vulnerabilities to give people a view of the kinds of issues that can be found in web applications.
This exercise covers a remote code execution vulnerability in PHPMailer.
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data.
This exercise details how to tamper with data encrypted using CBC.
This exercise covers the exploitation of a session injection in the Play framework. This issue can be used to tamper with the content of the session while bypassing the signing mechanism.
This exercise covers the exploitation of XML entities in the Play framework.
This exercise covers the exploitation of an issue with some implementations of JWT.
This exercise covers a Remote Code Execution in Struts 2.
PentesterLab is a simple hands-on way to learn web penetration testing.
Introduction to code review
CVE-2014-4511: Gitlist RCE