Orange Badge

389 Completed
22 Videos
15 Exercises

The orange badge is our third set of exercises. It covers a wide range of vulnerabilities targetting other clients of the applications (XSS, CSRF, CORS...)

Exercises

Easy
XSS Include
  • This exercise covers how to use Cross-Site-Scripting Include to leak information
  • 1 video
  • Completed by 1195 students
  • Takes < 1 Hr. on average
  • Ruby/Rails
  • XSS
  • CWE-87

 

Medium
Introduction to CSP
  • This exercise details the exploitation of a XSS in a simple web application that uses Content Security Policy
  • 1 video
  • Completed by 2291 students
  • Takes < 1 Hr. on average

 

Medium
JSON Cross-Site Request Forgery
  • This exercise details the exploitation of a Cross-Site Request Forgery when JSON is used
  • 2 videos
  • Completed by 1353 students
  • Takes < 1 Hr. on average

 

Medium
SVG XSS
  • This exercise covers how to use an SVG to trigger a Cross-Site-Scripting
  • 1 video
  • Completed by 1640 students
  • Takes < 1 Hr. on average
  • Ruby/Rails
  • CWE-79

 

Medium
CVE-2018-6574: go get RCE
  • This exercise covers a remote command execution in Golang's go get command.
  • 1 video
  • Completed by 816 students
  • Takes < 1 Hr. on average
  • CWE-94

 

Medium
CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict
  • This exercise covers the exploitation of HTTPoxy against an old version of Golang
  • 3 videos
  • Completed by 851 students
  • Takes < 1 Hr. on average
  • CWE-284

 

Medium
Cross-Origin Resource Sharing II
  • This exercise covers Cross-Origin Resource Sharing and how it can be used to get access to sensitive data.
  • 1 video
  • Completed by 956 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra/Angular

 

Medium
Cross-Site WebSocket Hijacking
  • This exercise covers Cross-Site WebSocket Hijacking and how it can be used to gain access to sensitive information
  • 2 videos
  • Completed by 1011 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra

 

Medium
postMessage()
  • This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information
  • 2 videos
  • Completed by 1116 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra

 

Medium
postMessage() II
  • This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information when a listener does not filter the Origin
  • 2 videos
  • Completed by 985 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra

 

Medium
postMessage() III
  • This exercise covers how insecure calls to the JavaScript function postMessage() can be used to trigger a Cross-Site Scripting
  • 2 videos
  • Completed by 886 students
  • Takes < 1 Hr. on average
  • Ruby/Sinatra

 

Medium
postMessage() IV
  • This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information when a listener does not filter the Origin and X-Frame-Options is used
  • 1 video
  • Completed by 875 students
  • Takes < 1 Hr. on average
  • HTML/Javascript

 

Medium
Cross-Site Request Forgery
  • This exercise details the exploitation of a Cross-Site Request Forgery to gain access to sensitive data
  • 2 videos
  • Completed by 1437 students
  • Takes < 1 Hr. on average
  • CWE-352

 

Hard
CVE-2018-11235: Git Submodule RCE
  • This exercise details the exploitation of a vulnerability in Git Sub module that can be used to get command execution
  • Completed by 474 students
  • Takes 2-4 Hrs. on average
  • CWE-22

 

Hard
Cross-Site Leak
  • This exercise covers how to use Cross-Site Leak to recover sensitive information
  • 1 video
  • Completed by 526 students
  • Takes 2-4 Hrs. on average
  • Ruby