We'll help you get to the Next Level!

TRY OUR FREE EXERCISES OR GO PRO
FILTER
EXERCISE AVERAGE TIME TO COMPLETE DIFFICULTY # OF USERS COMPLETED TIER clock icon difficulty icon number of users completed icon free or pro access icon
http label SAML: CVE-2025-29775 Signed Metadata
This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto) without XMLResponse
-- diffculty icon 0 small pro icon
http label SAML: CVE-2025-29775
This exercise covers the exploitation of CVE-2025-29775 (impacting xml-crypto)
1-2 Hr. diffculty icon 6 small pro icon
code review label CVE-2024-X5X87
This challenge covers the review of a CVE in a go codebase and its patch
-- diffculty icon 33 small pro icon
code review label CVE-2023-XX463
This challenge covers the review of a CVE in a Go codebase and its patch
-- diffculty icon 31 small pro icon
code review label Golang Code Review #04
This challenge covers the review of a snippet of code written in Golang.
-- diffculty icon 35 small pro icon
api label API Mass-Assignment 03 < 1 Hr. diffculty icon 72 small pro icon
basic beaker label UUIDv1 IDOR 1-2 Hr. diffculty icon 48 small pro icon
api label API Mass-Assignment 02 < 1 Hr. diffculty icon 95 small pro icon
api label API Mass-Assignment 01 < 1 Hr. diffculty icon 110 small pro icon
basic beaker label Mongo IDOR II
This challenge covers how to recover a Mongo ID to leverage an IDOR
< 1 Hr. diffculty icon 99 small pro icon
basic beaker label Mongo IDOR III < 1 Hr. diffculty icon 67 small pro icon
basic beaker label Mongo IDOR IV 2-4 Hr. diffculty icon 37 small pro icon
code review label Golang Code Review #05
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. diffculty icon 55 small pro icon
code review label Golang Code Review #09
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. diffculty icon 53 small pro icon
code review label CVE-2024-x730x
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. diffculty icon 59 small pro icon
code review label CVE-2023-28XX9
This challenge covers the review of a CVE in a Golang codebase and its patch
1-2 Hr. diffculty icon 43 small pro icon
code review label CVE-2023-X5821
This challenge covers the review of a CVE in a Go codebase and its patch
< 1 Hr. diffculty icon 46 small pro icon
code review label CVE-2024-X3X06
This challenge covers the review of a CVE in a Go codebase and its patch
< 1 Hr. diffculty icon 47 small pro icon
code review label CVE-2022-XX975
This challenge covers the review of a CVE in a Go codebase and its patch
< 1 Hr. diffculty icon 47 small pro icon
api label API JWT REVOCATION jwt
This exercise covers how to bypass a weak JWT Revocation Mechanism.
< 1 Hr. diffculty icon 120 small pro icon
basic beaker label Puzzle 06
Leverage a weak implementation of lowercase to access arbitrary files
< 1 Hr. diffculty icon 18 small pro icon
basic beaker label Puzzle 07
Leverage a weak implementation of lowercase to access arbitrary files
1-2 Hr. diffculty icon 17 small pro icon
api label API 18
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. diffculty icon 150 small pro icon
api label API 19
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. diffculty icon 142 small pro icon
api label API 20
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. diffculty icon 146 small pro icon
api label API 16
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. diffculty icon 219 small pro icon
api label API 17
This exercise covers how to exploit an authorization issue in an API.
< 1 Hr. diffculty icon 161 small pro icon
basic beaker label GraphQL Authorization 01
This exercise covers a simple authorization issue in a GraphQL application.
< 1 Hr. diffculty icon 131 small pro icon
basic beaker label GraphQL Authorization 02
This exercise covers a simple authorization issue in a GraphQL application.
< 1 Hr. diffculty icon 121 small pro icon
code review label Golang Code Review #01
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. diffculty icon 88 small pro icon
code review label Golang Code Review #03
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. diffculty icon 63 small pro icon
code review label Golang Code Review #02
This challenge covers the review of a snippet of code written in Golang.
< 1 Hr. diffculty icon 73 small pro icon
code review label CVE-2022-2X8XX
This challenge covers the review of a CVE in a Golang codebase and its patch
< 1 Hr. diffculty icon 87 small pro icon
code review label CVE-2022-X10X8
This challenge covers the review of a CVE in a Golang codebase and its patch
1-2 Hr. diffculty icon 81 small pro icon
code review label CVE-2024-X90X6
This challenge covers the review of a CVE in a Golang codebase and its patch
< 1 Hr. diffculty icon 67 small pro icon
basic beaker label ORM LEAK: SQLite
This exercise covers how to exploit an ORM leak vulnerability
1-2 Hr. diffculty icon 59 small pro icon
code review label CVE-2022-X87X
This challenge covers the review of a CVE in a Golang codebase and its patch
-- diffculty icon 68 small pro icon
code review label CVE-2023-51XX2
This challenge covers the review of a CVE in a Golang codebase and its patch
< 1 Hr. diffculty icon 67 small pro icon
code review label CVE-2024-2791X
This challenge covers the review of a CVE in a Golang codebase and its patch
2-4 Hr. diffculty icon 60 small pro icon
basic beaker label ORM LEAK 02
This exercise covers how to exploit an ORM leak vulnerability
< 1 Hr. diffculty icon 80 small pro icon
basic beaker label Puzzle 05
Authentication Bypass using an SQL injection without or 1=1
1-2 Hr. diffculty icon 22 small pro icon
code review label CVE-2022-2X24X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 114 small pro icon
code review label CVE-2023-3X4X6
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 102 small pro icon
code review label CVE-2022-4x3x5
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 87 small pro icon
basic beaker label Puzzle 03
Find and exploit a Golang vulnerability inspired by CVE-2022-31683
1-2 Hr. diffculty icon 19 small pro icon
code review label Java Code Review 14
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 83 small pro icon
code review label Java Code Review 15
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 75 small pro icon
code review label Java Code Review 16
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 67 small pro icon
basic beaker label ORM LEAK 01
This exercise covers how to exploit a simple ORM leak.
1-2 Hr. diffculty icon 107 small pro icon
code review label Java Code Review 11
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 85 small pro icon
code review label Java Code Review 12
This challenge covers the review of a simple codebase in Java
-- diffculty icon 81 small pro icon
code review label Java Code Review 13
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 86 small pro icon
code review label Java Code Review 10
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 93 small pro icon
code review label CVE-2023-4X25X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 87 small pro icon
basic beaker label Puzzle 04
Leverage SQL LIKE to gain access to sensitive information
2-4 Hr. diffculty icon 10 small pro icon
code review label CVE-2023-5X38X
This challenge covers the review of a CVE in a Java codebase and its patch
-- diffculty icon 104 small pro icon
code review label CVE-2024-2X31X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 144 small pro icon
code review label CVE-2024-X875X
This challenge covers the review of a CVE in a Java codebase and its patch
-- diffculty icon 120 small pro icon
http label CVE-2022-0415
Exploit CVE-2022-0415 to gain code execution in Gogs
2-4 Hr. diffculty icon 12 small pro icon
code review label Java Code Review 07
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 93 small pro icon
code review label Java Code Review 08
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 99 small pro icon
code review label Java Code Review 09
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 79 small pro icon
basic beaker label Puzzle 01
Find the XSS by leveraging backreferences in a regular expression
< 1 Hr. diffculty icon 30 small pro icon
basic beaker label Puzzle 02 XSS CSP
Leverage a PHP trick to bypass CSP
< 1 Hr. diffculty icon 25 small pro icon
api label API 13
This exercise covers a complex filter bypass in API.
< 1 Hr. diffculty icon 376 small pro icon
api label API 14
This exercise covers how to exploit a leaked encrypted password with an API.
< 1 Hr. diffculty icon 393 small pro icon
api label API 15
This exercise covers how to exploit a leaked encrypted password with an API.
< 1 Hr. diffculty icon 328 small pro icon
code review label Java Code Review 04
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 116 small pro icon
code review label Java Code Review 05
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 123 small pro icon
code review label Java Code Review 06
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 120 small pro icon
api label API 10
This exercise covers a common filter bypass in API.
< 1 Hr. diffculty icon 470 small pro icon
api label API 11
This exercise covers a common filter bypass in API.
< 1 Hr. diffculty icon 445 small pro icon
api label API 12
This exercise covers a common filter bypass in API.
< 1 Hr. diffculty icon 414 small pro icon
code review label Java Code Review 01
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 150 small pro icon
code review label Java Code Review 02
This challenge covers the review of a simple codebase in Java
< 1 Hr. diffculty icon 152 small pro icon
code review label Java Code Review 03
This challenge covers the review of a simple codebase in Java
-- diffculty icon 132 small pro icon
basic beaker label JSON Web Token XV: CVE-2022-39227 jwt
This exercise covers the exploitation of polyglot token against python_jwt (CVE-2022-39227)
< 1 Hr. diffculty icon 26 small pro icon
code review label CVE-2023-X48X9
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 107 small pro icon
code review label CVE-2009-387X
This challenge covers the review of a CVE in a Java codebase and its patch
1-2 Hr. diffculty icon 169 small pro icon
code review label CVE-2023-5143X
This challenge covers the review of a CVE in a Java codebase and its patch
1-2 Hr. diffculty icon 168 small pro icon
code review label GHSA-95XX
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 85 small pro icon
code review label CVE-2022-4x13x
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 87 small pro icon
code review label CVE-2023-46XX2
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 88 small pro icon
basic beaker label Java Serialize 06
This exercise is one of our challenges to help you learn Java Serialisation exploitation
2-4 Hr. diffculty icon 23 small pro icon
api label API 09
This exercise covers how one can inspect HTTP responses to identify information leaks.
< 1 Hr. diffculty icon 567 small pro icon
basic beaker label Java Serialize 04
This exercise is one of our challenges to help you learn Java Serialisation exploitation
1-2 Hr. diffculty icon 64 small pro icon
basic beaker label Java Serialize 05
This exercise is one of our challenges to help you learn Java Serialisation exploitation
2-4 Hr. diffculty icon 38 small pro icon
basic beaker label Cache Poisoning 01
This exercise details how to exploit an application vulnerable to cache poisoning
< 1 Hr. diffculty icon 98 small pro icon
basic beaker label Cache Deception 02
This exercise details how to exploit an application vulnerable to cache deception
< 1 Hr. diffculty icon 98 small pro icon
code review label CVE-2023-XXX83
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 96 small pro icon
code review label CVE-2023-289X6
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 83 small pro icon
code review label CVE-2023-350XX
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 88 small pro icon
code review label CVE-2022-XX910
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 89 small pro icon
code review label CVE-2022-342XX
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 87 small pro icon
basic beaker label Cache Deception 01
This exercise details how to exploit an application vulnerable to cache deception
< 1 Hr. diffculty icon 121 small pro icon
code review label CVE-2022-X50X6
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 92 small pro icon
code review label CVE-2023-25X4X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 80 small pro icon
code review label CVE-202X-2561X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 99 small pro icon
code review label CVE-2022-x0x08
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 117 small pro icon
code review label CVE-2022-4504x
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 148 small pro icon
code review label CVE-2022-X51X3
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 140 small pro icon
code review label CVE-2007-546X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 106 small pro icon
code review label CVE-2011-XX61
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 101 small pro icon
code review label CVE-2006-6X6X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 110 small pro icon
basic beaker label Java Serialize 02
This exercise is one of our challenges to help you learn Java Serialisation exploitation
< 1 Hr. diffculty icon 118 small pro icon
basic beaker label Java Serialize 03
This exercise is one of our challenges to help you learn Java Serialisation exploitation
< 1 Hr. diffculty icon 94 small pro icon
code review label CVE-2014-7X09
This challenge covers the review of a CVE in a Java codebase and its patch
1-2 Hr. diffculty icon 167 small pro icon
code review label CVE-2020-9X8X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 207 small pro icon
code review label CVE-2018-XX34
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 152 small pro icon
code review label CVE-2012-5XX3
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 110 small pro icon
code review label CVE-2022-X41X9
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 90 small pro icon
code review label CVE-2009-26X3
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 123 small pro icon
code review label CVE-2022-357X1
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 113 small pro icon
code review label CVE-2023-30XX1
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 129 small pro icon
code review label CVE-2023-2X8X1
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 127 small pro icon
http label SAML: PySAML2 SSRF
This exercise covers the exploitation of a SSRF in PySAML2
< 1 Hr. diffculty icon 103 small pro icon
code review label CVE-2022-378xx
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 315 small pro icon
code review label CVE-2022-x0x09
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 156 small pro icon
code review label CVE-2018-8x14
This challenge covers the review of a CVE in a Java codebase and its patch
2-4 Hr. diffculty icon 92 small pro icon
basic beaker label JWT Algorithm Confusion with ECDSA Public Key Recovery jwt
This exercise covers the exploitation of algorithm confusion when no public key is available with a ECDSA key
1-2 Hr. diffculty icon 22 small pro icon
code review label CVE-2014-X80X
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 127 small pro icon
code review label CVE-2015-3XX0
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 111 small pro icon
code review label CVE-2022-458X1
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 148 small pro icon
http label SAML: CVE-2021-21239
This exercise covers the exploitation of CVE-2021-21239 (PySAML2)
2-4 Hr. diffculty icon 59 small pro icon
code review label CVE-2022-393XX
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 120 small pro icon
code review label CVE-2023-2XX60
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 117 small pro icon
code review label CVE-2023-2XX61
This challenge covers the review of a CVE in a Java codebase and its patch
< 1 Hr. diffculty icon 126 small pro icon
basic beaker label SAML: Malicious IDP
This exercise covers the creation of a malicious IDP to forge an assertion
2-4 Hr. diffculty icon 28 small pro icon
basic beaker label DOMPDF RCE IV
This exercise covers the automation of the exploitation of a vulnerability in the DOMPDF library
> 4 Hr. diffculty icon 21 small pro icon
basic beaker label SAML: Signature Wrapping III
This exercise covers the exploitation of a Signature Wrapping Issue in passport-saml (CVE-2022-39299)
1-2 Hr. diffculty icon 84 small pro icon
basic beaker label XSL Java
This exercise covers the exploitation of a Java application using XSL
< 1 Hr. diffculty icon 101 small pro icon
basic beaker label DOMPDF RCE III
This exercise covers the exploitation of a vulnerability in the DOMPDF library
2-4 Hr. diffculty icon 45 small pro icon
basic beaker label XSL PHP V
This exercise covers the exploitation of a PHP application using XSL
< 1 Hr. diffculty icon 98 small pro icon
api label API Payments 07
This exercise covers a way to manipulate a shopping cart to lower the total amount
< 1 Hr. diffculty icon 753 small pro icon
http label CVE-2021-22204: Exiftool RCE II
This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
< 1 Hr. diffculty icon 71 small pro icon
basic beaker label XSL PHP IV
This exercise covers the exploitation of a PHP application using XSL
2-4 Hr. diffculty icon 129 small pro icon
api label API Payments 06
This exercise covers a simple payments bypass.
< 1 Hr. diffculty icon 786 small pro icon
http label CVE-2022-39224
This exercise covers the exploitation of CVE-2022-39224
2-4 Hr. diffculty icon 81 small pro icon
basic beaker label XSL PHP III
This exercise covers the exploitation of a PHP application using XSL
< 1 Hr. diffculty icon 152 small pro icon
basic beaker label DOMPDF RCE II
This exercise covers the exploitation of a vulnerability in the DOMPDF library
2-4 Hr. diffculty icon 60 small pro icon
basic beaker label DOMPDF RCE
This exercise covers the exploitation of a vulnerability in the DOMPDF library
< 1 Hr. diffculty icon 130 small pro icon
api label API Payments 05
This exercise covers how to abuse a shopping cart allowing users to apply a voucher.
< 1 Hr. diffculty icon 707 small pro icon
basic beaker label XSL PHP II
This exercise covers the exploitation of a PHP application using XSL
< 1 Hr. diffculty icon 214 small pro icon
api label API Payments 04
This exercise covers how to abuse a shopping cart allowing users to apply a voucher..
< 1 Hr. diffculty icon 962 small pro icon
basic beaker label XSL PHP
This exercise covers the exploitation of a PHP application using XSL
< 1 Hr. diffculty icon 250 small pro icon
api label API Payments 03
This exercise covers a simple payments bypass.
< 1 Hr. diffculty icon 1081 small pro icon
code review label Code Review 18
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 183 small pro icon
code review label CVE-2020-13xxx
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 426 small pro icon
code review label CVE-2008-5x8x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 564 small pro icon
code review label CVE-2022-3x7x1
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 535 small pro icon
code review label Python Snippet #02
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1554 small pro icon
code review label Java Snippet #10
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1146 small pro icon
code review label Java Snippet #11
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1033 small pro icon
code review label Java Snippet #12
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 994 small pro icon
api label API Payments 02
This exercise covers a simple payments bypass.
< 1 Hr. diffculty icon 1240 small pro icon
basic beaker label GCM Nonce Reuse
This challenge covers the impact of nonce reuse on GCM
1-2 Hr. diffculty icon 154 small pro icon
code review label CVE-2019-5x2x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 373 small pro icon
code review label Java Snippet #07
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1351 small pro icon
code review label Java Snippet #08
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1388 small pro icon
code review label Java Snippet #09
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1015 small pro icon
api label API Payments 01 API
This exercise covers a simple payments bypass.
< 1 Hr. diffculty icon 1567 small pro icon
code review label CVE-2022-26xx9
This challenge covers a vulnerable snippet in a real Java application
< 1 Hr. diffculty icon 394 small pro icon
code review label Python Snippet #07
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1258 small pro icon
code review label Python Snippet #08
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1220 small pro icon
code review label Python Snippet #09
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1257 small pro icon
basic beaker label Mongo IDOR
This challenge covers how to exploit an IDOR when Mongo IDs are used
< 1 Hr. diffculty icon 922 small pro icon
code review label CVE-2008-5x8x_ii
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 388 small pro icon
code review label CVE-2005-2x8x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 404 small pro icon
code review label Golang Snippet #01
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 1357 small pro icon
code review label Java Snippet #06
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1016 small pro icon
code review label Python Snippet #06
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1376 small pro icon
http label CVE-2022-21449 jwt
This exercise covers the exploitation of CVE-2022-21449 against a Java Application relying on JWT
< 1 Hr. diffculty icon 147 small pro icon
http label CVE-2021-33564 Argument Injection in Ruby Dragonfly
This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
< 1 Hr. diffculty icon 124 small pro icon
code review label CVE-2021-45xx9
This challenge covers a vulnerable snippet in a real Python application
< 1 Hr. diffculty icon 541 small pro icon
code review label PHP Snippet #07
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1326 small pro icon
code review label PHP Snippet #08
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1251 small pro icon
code review label PHP Snippet #09
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1162 small pro icon
code review label Python Snippet #03
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1389 small pro icon
code review label Python Snippet #04
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1243 small pro icon
code review label Python Snippet #05
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1291 small pro icon
code review label CVE-2021-39x3x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 403 small pro icon
http label CVE-2022-21724: JDBC RCE PostgreSQL
This challenge covers how to gain code execution by leveraging a JDBC connection string with PostgreSQL
< 1 Hr. diffculty icon 149 small pro icon
code review label Java Snippet #04
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1207 small pro icon
code review label Java Snippet #05
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1107 small pro icon
basic beaker label Ox Remote Code Execution II
This exercise covers how you can gain code execution when an application is using Ox to deserialize data and is running on Ruby 2.7
2-4 Hr. diffculty icon 31 small pro icon
code review label CVE-2009-3x8x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 532 small pro icon
http label HTTP 41
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2335 small pro icon
http label HTTP 42
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2356 small pro icon
http label HTTP 43
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2280 small pro icon
code review label CVE-2021-381xx
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 435 small pro icon
basic beaker label H2 RCE
This challenge covers how to gain code execution by leveraging an H2 database in a Java application
< 1 Hr. diffculty icon 113 small pro icon
code review label TypeScript Snippet #04
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 882 small pro icon
code review label TypeScript Snippet #05
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 904 small pro icon
code review label TypeScript Snippet #06
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 790 small pro icon
code review label TypeScript Snippet #07
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 741 small pro icon
code review label TypeScript Snippet #08
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 798 small pro icon
code review label TypeScript Snippet #09
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 830 small pro icon
code review label CVE-2008-4x9x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 475 small pro icon
basic beaker label Log4j RCE II
This exercise is one of our challenges to help you learn Java Serialisation exploitation
1-2 Hr. diffculty icon 159 small pro icon
basic beaker label Log4j RCE
This challenge covers the latest RCE in Log4j
1-2 Hr. diffculty icon 283 small pro icon
code review label CVE-2021-4379x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 514 small pro icon
api label API 08
This exercise covers how one can inspect HTTP responses to identify information leaks.
< 1 Hr. diffculty icon 1404 small pro icon
basic beaker label JDBC RCE
This exercise is one of our challenges to help you learn Java Serialisation exploitation
2-4 Hr. diffculty icon 58 small pro icon
code review label CVE-2008-1x3x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 694 small pro icon
code review label Golang Snippet #12
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 759 small pro icon
code review label TypeScript Snippet #01
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 1086 small pro icon
code review label TypeScript Snippet #02
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 1033 small pro icon
code review label TypeScript Snippet #03
This challenge covers the review of a snippet of code written in TypeScript
< 1 Hr. diffculty icon 959 small pro icon
api label API 07 API Angular
This exercise covers how one can inspect JavaScript code to identify information leak.
< 1 Hr. diffculty icon 1474 small pro icon
http label CVE-2021-40438
This challenge covers how to trigger a Server-Side Request Forgery by leveraging CVE-2021-40438
< 1 Hr. diffculty icon 314 small pro icon
http label CVE-2021-41773
This challenge covers how to read arbitrary files by leveraging CVE-2021-41773
< 1 Hr. diffculty icon 514 small pro icon
http label CVE-2021-41773 II
This challenge covers how to gain code execution by leveraging CVE-2021-41773
1-2 Hr. diffculty icon 187 small pro icon
http label HTTP 36
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2533 small pro icon
http label HTTP 37
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2510 small pro icon
http label HTTP 38
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2561 small pro icon
http label HTTP 39
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2544 small pro icon
http label HTTP 40
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2559 small pro icon
code review label CVE-2006-4xxx
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 520 small pro icon
code review label CVE-2006-4xxx_ii
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 416 small pro icon
code review label PHP Snippet #04
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1458 small pro icon
code review label PHP Snippet #05
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1368 small pro icon
code review label PHP Snippet #06
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1451 small pro icon
api label API 06 API Angular
This exercise covers how one can inspect JavaScript code to identify unused endpoints.
< 1 Hr. diffculty icon 1628 small pro icon
code review label CVE-2021-37xxx
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 483 small pro icon
code review label PHP Snippet #01
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 2048 small pro icon
code review label PHP Snippet #02
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1769 small pro icon
code review label PHP Snippet #03
This challenge covers the review of a snippet of code written in PHP
< 1 Hr. diffculty icon 1540 small pro icon
http label HTTP 31
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2680 small pro icon
http label HTTP 32
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2614 small pro icon
http label HTTP 35
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2611 small pro icon
http label HTTP 34
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2573 small pro icon
http label HTTP 33
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2606 small pro icon
api label API 05 API Angular
This exercise covers how one can inspect JavaScript code to identify unused endpoints.
< 1 Hr. diffculty icon 1920 small pro icon
api label API 04 API Angular
This exercise covers how one can inspect JavaScript code to identify unused endpoints.
< 1 Hr. diffculty icon 2086 small pro icon
code review label Golang Snippet #02
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 1099 small pro icon
code review label Golang Snippet #03
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 909 small pro icon
code review label Golang Snippet #04
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 1099 small pro icon
code review label Golang Snippet #05
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 981 small pro icon
code review label Golang Snippet #06
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 865 small pro icon
code review label Golang Snippet #07
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 898 small pro icon
code review label Golang Snippet #08
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 824 small pro icon
code review label Golang Snippet #09
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 775 small pro icon
code review label Golang Snippet #10
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 879 small pro icon
code review label Golang Snippet #11
This challenge covers the review of a snippet of code written in Golang
< 1 Hr. diffculty icon 867 small pro icon
code review label Javascript Snippet #01
This challenge covers the review of a snippet of code written in JavaScript
< 1 Hr. diffculty icon 1741 small pro icon
code review label Javascript Snippet #02
This challenge covers the review of a snippet of code written in JavaScript
< 1 Hr. diffculty icon 1422 small pro icon
code review label Javascript Snippet #03
This challenge covers the review of a snippet of code written in JavaScript
< 1 Hr. diffculty icon 1440 small pro icon
code review label Javascript Snippet #04
This challenge covers the review of a snippet of code written in JavaScript
< 1 Hr. diffculty icon 1330 small pro icon
code review label Javascript Snippet #05
This challenge covers the review of a snippet of code written in JavaScript
< 1 Hr. diffculty icon 1402 small pro icon
code review label Javascript Snippet #06
This challenge covers the review of a snippet of code written in JavaScript
< 1 Hr. diffculty icon 1280 small pro icon
code review label Javascript Snippet #07
This challenge covers the review of a snippet of code written in JavaScript
< 1 Hr. diffculty icon 1247 small pro icon
code review label Python Snippet #01
This challenge covers the review of a snippet of code written in Python
< 1 Hr. diffculty icon 1707 small pro icon
code review label Ruby Snippet #01
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 702 small pro icon
code review label Ruby Snippet #02
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 654 small pro icon
code review label Ruby Snippet #03
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 690 small pro icon
code review label Ruby Snippet #04
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 621 small pro icon
code review label Ruby Snippet #05
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 713 small pro icon
code review label Ruby Snippet #06
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 693 small pro icon
code review label Ruby Snippet #07
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 554 small pro icon
code review label Ruby Snippet #08
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 602 small pro icon
code review label Ruby Snippet #09
This challenge covers the review of a snippet of code written in Ruby
< 1 Hr. diffculty icon 556 small pro icon
http label HTTP 26
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2874 small pro icon
http label HTTP 27
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2800 small pro icon
http label HTTP 28
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2798 small pro icon
http label HTTP 29
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2709 small pro icon
http label HTTP 30
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2754 small pro icon
code review label CVE-2020-17xx7
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 941 small pro icon
basic beaker label Ox Remote Code Execution
This exercise covers how you can gain code execution when an application is using Ox to deserialize data and is running on Ruby 2.3
2-4 Hr. diffculty icon 76 small pro icon
code review label CVE-2020-9x9x
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 715 small pro icon
http label HTTP 21
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3016 small pro icon
http label HTTP 22
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2981 small pro icon
http label HTTP 23
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2892 small pro icon
http label HTTP 24
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2895 small pro icon
http label HTTP 25
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 2931 small pro icon
http label HTTP 16
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3108 small pro icon
http label HTTP 20
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3027 small pro icon
http label HTTP 18
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3073 small pro icon
http label HTTP 19
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3069 small pro icon
http label HTTP 17
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3086 small pro icon
code review label CVE-2020-17xx8
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 510 small pro icon
http label CVE-2021-22204: Exiftool RCE
This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
1-2 Hr. diffculty icon 164 small pro icon
http label SSRF via FFMPEG II
This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide
< 1 Hr. diffculty icon 115 small pro icon
api label API 03 API
This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
< 1 Hr. diffculty icon 2062 small pro icon
code review label CVE-2020-11xxx
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 520 small pro icon
csrf label OAuth2: Authorization Server XSS II
This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server
< 1 Hr. diffculty icon 249 small pro icon
http label HTTP 11
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3355 small pro icon
http label HTTP 15
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3226 small pro icon
http label HTTP 12
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3315 small pro icon
http label HTTP 13
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3234 small pro icon
http label HTTP 14
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3247 small pro icon
api label API 02 API
This exercise is the API version of an exercise you already solved in another badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
< 1 Hr. diffculty icon 2648 small pro icon
basic beaker label Express Local File Read
This exercise covers how an insecure call to render can be used to gain local files read with Express
< 1 Hr. diffculty icon 377 small pro icon
csrf label OAuth2: Authorization Server XSS
This exercise covers the exploitation of an XSS in an OAuth2 Authorization Server
< 1 Hr. diffculty icon 330 small pro icon
http label HTTP 10
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3425 small pro icon
http label HTTP 09
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3527 small pro icon
http label HTTP 07
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3609 small pro icon
http label HTTP 06
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3690 small pro icon
http label HTTP 08
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3529 small pro icon
http label HTTP 03
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 4013 small pro icon
http label HTTP 04
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3866 small pro icon
http label HTTP 05
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 3792 small pro icon
http label HTTP 02
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 4228 small pro icon
http label HTTP 01
This challenge covers how to send specific HTTP requests
< 1 Hr. diffculty icon 4452 small pro icon
api label API 01 API
This exercise is the API version of an exercise you already solved in the Essential Badge. You should use it to get more confident with discovering vulnerabilities without any hint on what to look for.
< 1 Hr. diffculty icon 3144 small pro icon
basic beaker label JWT Algorithm Confusion with RSA Public Key Recovery jwt
This exercise covers the exploitation of algorithm confusion when no public key is available
< 1 Hr. diffculty icon 170 small pro icon
basic beaker label SAML: Comment Injection II
This exercise covers the exploitation of a comment injection vulnerability in SAML
< 1 Hr. diffculty icon 536 small pro icon
recon label Recon 24
In this challenge, you need to look for a file named key.txt in the place used to serve the assets for the main website
< 1 Hr. diffculty icon 4444 small free icon
recon label Recon 25
In this challenge, you need to look for a file named key2.txt in the place used to serve the assets for the main website
1-2 Hr. diffculty icon 2768 small free icon
recon label Recon 26
In this challenge, you need to look for a key in the JavaScript used by the website
< 1 Hr. diffculty icon 4214 small free icon
http label SSRF via FFMPEG
This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide
< 1 Hr. diffculty icon 227 small pro icon
basic beaker label SAML: Signature Wrapping II
This exercise covers how to use Signature Wrapping to become an arbitrary user
< 1 Hr. diffculty icon 402 small pro icon
basic beaker label RCE via argument injection
This exercise covers a remote command execution vulnerability via argument injection
2-4 Hr. diffculty icon 49 small pro icon
code review label Code Review 16
This exercise is one of our challenges to help you learn how to review real source code
< 1 Hr. diffculty icon 301 small pro icon
basic beaker label SAML: Signature Wrapping
This exercise covers how to use Signature Wrapping to become an arbitrary user
< 1 Hr. diffculty icon 497 small pro icon
recon label Recon 20
In this challenge, you need to look at the branches in repo3
< 1 Hr. diffculty icon 4519 small free icon
recon label Recon 21
In this challenge, you need to look at the information in the branches for repo4
< 1 Hr. diffculty icon 4417 small free icon
recon label Recon 22
In this challenge, you need to look in repo9 for deleted files
< 1 Hr. diffculty icon 4223 small free icon
recon label Recon 23
In this challenge, you need to look for sensitive information in commit messages
< 1 Hr. diffculty icon 4226 small free icon
basic beaker label SAML: SAMLResponse forwarding
This exercise covers how to pass the SAMLResponse from one Service Provider to another
< 1 Hr. diffculty icon 448 small pro icon
basic beaker label CGI and Signature
This exercise covers the exploitation of a vulnerable CGI.
< 1 Hr. diffculty icon 214 small pro icon
recon label Recon 17
In this challenge, you need to look at the name of the developer used in the repository test1
< 1 Hr. diffculty icon 4808 small free icon
recon label Recon 18
In this challenge, you need to look at the public repository of the developers in the organisation
< 1 Hr. diffculty icon 4557 small free icon
recon label Recon 19
In this challenge, you need to look at the email addresses used for commits in the repository repo7
< 1 Hr. diffculty icon 4272 small free icon
code review label Code Review 15
This exercise is one of our challenges to help you learn how to review real source code
< 1 Hr. diffculty icon 289 small pro icon
code review label Code Review 14
This exercise is one of our challenges to help you learn how to review real source code
< 1 Hr. diffculty icon 311 small pro icon
http label CVE-2020-14343: PyYAML unsafe loader
This exercise covers how you can gain code execution when an application use a vulnerable version of PyYAML and relies on load()
< 1 Hr. diffculty icon 297 small pro icon
basic beaker label OAuth2: State Fixation
This exercise covers the exploitation of a state fixation in an OAuth2 Client
1-2 Hr. diffculty icon 368 small pro icon
code review label Code Review 13
This exercise is one of our challenges to help you learn how to review real source code
2-4 Hr. diffculty icon 214 small pro icon
http label CVE-2020-7115: Aruba Clearpass RCE
This exercise covers a remote command execution issue on Aruba Clearpass RCE
< 1 Hr. diffculty icon 202 small pro icon
code review label Code Review 12
This exercise is one of our challenges to help you learn how to review real source code
< 1 Hr. diffculty icon 340 small pro icon
basic beaker label OAuth2: Predictable State II
This exercise covers the exploitation of a predictable state in an OAuth2 Client
1-2 Hr. diffculty icon 248 small pro icon
recon label Recon 13
In this challenge, you need to find the TXT record linked to key.z.hackycorp.com
< 1 Hr. diffculty icon 5614 small free icon
recon label Recon 14
In this challenge, you need to find a TXT record by doing a zone transfer on z.hackycorp.com
< 1 Hr. diffculty icon 5061 small free icon
recon label Recon 15
In this challenge, you need to find a TXT record by doing a zone transfer on the internal zone "int"
< 1 Hr. diffculty icon 4544 small free icon
recon label Recon 16
In this challenge, you need to find the version of Bind used
< 1 Hr. diffculty icon 4723 small free icon
basic beaker label EDDSA vulnerability in Monocypher Crypto
This exercise covers the exploitation of a vulnerability impacting Monocypher.
1-2 Hr. diffculty icon 169 small pro icon
code review label Code Review 11
This exercise is one of our challenges to help you learn how to review real source code
2-4 Hr. diffculty icon 168 small pro icon
basic beaker label OAuth2: Predictable State
This exercise covers the exploitation of a predictable state in an OAuth2 Client
2-4 Hr. diffculty icon 267 small pro icon
code review label Code Review 10
This exercise is one of our challenges to help you learn how to review real source code
< 1 Hr. diffculty icon 272 small pro icon
recon label Recon 11
< 1 Hr. diffculty icon 5104 small free icon
recon label Recon 12
< 1 Hr. diffculty icon 5615 small free icon
basic beaker label Unicode and NFKC
This exercise covers how to leverage unicode to exploit a directory traversal
< 1 Hr. diffculty icon 291 small pro icon
basic beaker label SAML: Trusted Embedded Key
This exercise covers the exploitation of a Service Provider (SP) that doesn't check the certificate provided in the SAMLResponse
< 1 Hr. diffculty icon 461 small pro icon
recon label Recon 06
This exercise covers default vhost
< 1 Hr. diffculty icon 9974 small free icon
recon label Recon 07
This exercise covers default TLS vhost
< 1 Hr. diffculty icon 9024 small free icon
recon label Recon 08
This exercise covers aliases in TLS certificates
< 1 Hr. diffculty icon 8174 small free icon
http label CVE-2020-8163: Rails local name RCE
This exercise details the exploitation of CVE-2020-8163 to gain code execution
1-2 Hr. diffculty icon 214 small pro icon
basic beaker label SAML: Known Key
This exercise covers the exploitation of a known key in SAML
1-2 Hr. diffculty icon 483 small pro icon
code review label Code Review 09
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 208 small pro icon
recon label Recon 04
This exercise covers common interesting directories
< 1 Hr. diffculty icon 13773 small free icon
recon label Recon 05
This exercise covers simple directory bruteforcing
< 1 Hr. diffculty icon 10195 small free icon
recon label Recon 01
This exercise covers 404 error pages
< 1 Hr. diffculty icon 18197 small free icon
csrf label OAuth2: Client Server XSS
This exercise covers the exploitation of a Cross-Site Scripting in an OAuth2 Client and Server
1-2 Hr. diffculty icon 342 small pro icon
basic beaker label Zip symlink
This exercise covers how you can create a malicious Zip file and use it to gain access to sensitive files.
< 1 Hr. diffculty icon 557 small pro icon
code review label Code Review 08
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 306 small pro icon
basic beaker label SAML: Comment Injection
This exercise covers the exploitation of a comment injection vulnerability in SAML
< 1 Hr. diffculty icon 1505 small pro icon
basic beaker label Unicode and Downcase
This exercise covers how you can use unicode to gain access to an admin account.
< 1 Hr. diffculty icon 570 small pro icon
code review label Code Review 07
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 237 small pro icon
basic beaker label Java Serialize 01
This exercise is one of our challenges to help you learn Java Serialisation exploitation
< 1 Hr. diffculty icon 370 small pro icon
basic beaker label Unicode and Uppercase
This exercise covers how you can use unicode to gain access to an admin account.
< 1 Hr. diffculty icon 638 small pro icon
code review label Code Review 06
This exercise is one of our challenges to help you learn how to review real source code
2-4 Hr. diffculty icon 182 small pro icon
basic beaker label Cross-Site Leak
This exercise covers how to use Cross-Site Leak to recover sensitive information
2-4 Hr. diffculty icon 546 small pro icon
sqli label From SQL injection to Shell III: PostgreSQL Edition SQL Injection
This exercise covers how to gain access to an administration interface using a SQL injection, and how to get command execution using Ghostscript
2-4 Hr. diffculty icon 237 small pro icon
csrf label OAuth2: Client CSRF II
This exercise covers the exploitation of a CSRF in an OAuth2 Client
2-4 Hr. diffculty icon 461 small pro icon
csrf label XSS Include XSS
This exercise covers how to use Cross-Site-Scripting Include to leak information
< 1 Hr. diffculty icon 1250 small pro icon
csrf label OAuth2: Client CSRF
This exercise covers the exploitation of a CSRF in an OAuth2 Client
< 1 Hr. diffculty icon 911 small pro icon
code review label Code Review 05
This exercise is one of our challenges to help you learn how to review real source code
2-4 Hr. diffculty icon 214 small pro icon
code review label Code Review 04
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 327 small pro icon
basic beaker label JS Prototype Pollution
This exercise covers how to exploit Prototype Pollution against a JavaScript application
< 1 Hr. diffculty icon 871 small pro icon
csrf label OAuth2: Authorization Server CSRF
This exercise covers the exploitation of a CSRF in an OAuth2 Authorization Server
1-2 Hr. diffculty icon 1057 small pro icon
code review label Code Review 03
This exercise is one of our challenges to help you learn how to review real source code
2-4 Hr. diffculty icon 245 small pro icon
http label SSRF in PDF generation
This exercise covers how you can read arbitrary files when an application generates pdfs from provided links
< 1 Hr. diffculty icon 841 small pro icon
basic beaker label OAuth2: Github HTTP HEAD
This exercise covers the exploitation of the HTTP HEAD issue impacting Github in 2019
< 1 Hr. diffculty icon 432 small pro icon
csrf label SVG XSS
This exercise covers how to use an SVG to trigger a Cross-Site-Scripting
< 1 Hr. diffculty icon 1709 small pro icon
http label Apache Pluto RCE
This exercise covers how to gain code execution on Apache Pluto 3.0.0 due to a flaw in the authorization logic
< 1 Hr. diffculty icon 521 small pro icon
csrf label JSON Cross-Site Request Forgery
This exercise details the exploitation of a Cross-Site Request Forgery when JSON is used
< 1 Hr. diffculty icon 1403 small pro icon
csrf label Cross-Site Request Forgery
This exercise details the exploitation of a Cross-Site Request Forgery to gain access to sensitive data
< 1 Hr. diffculty icon 1481 small pro icon
code review label Code Review 02
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 400 small pro icon
basic beaker label postMessage() IV
This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information when a listener does not filter the Origin and X-Frame-Options is used
< 1 Hr. diffculty icon 913 small pro icon
basic beaker label Spring Actuators
This exercise covers how you can gain code execution using Spring Actuators when Spring Cloud is used.
1-2 Hr. diffculty icon 278 small pro icon
basic beaker label postMessage() III
This exercise covers how insecure calls to the JavaScript function postMessage() can be used to trigger a Cross-Site Scripting
1-2 Hr. diffculty icon 928 small pro icon
basic beaker label postMessage() II
This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information when a listener does not filter the Origin
< 1 Hr. diffculty icon 1029 small pro icon
basic beaker label PHP phar://
This exercise covers how the PHP phar:// handler can be used to gain code execution using PHP unserialize.
< 1 Hr. diffculty icon 337 small pro icon
basic beaker label Signing Oracle
This exercise covers how a signing oracle can be used to bypass authorization in place
< 1 Hr. diffculty icon 794 small pro icon
basic beaker label Length Extension Attack
This exercise covers how to use a length extension attack to exploit a directory traversal vulnerability
1-2 Hr. diffculty icon 706 small pro icon
basic beaker label JSON Web Encryption
This exercise covers how you can create your own JWE if you have access to the public key used by the server
< 1 Hr. diffculty icon 508 small pro icon
basic beaker label postMessage()
This exercise covers how insecure calls to the JavaScript function postMessage() can be used to leak sensitive information
< 1 Hr. diffculty icon 1171 small pro icon
http label CVE-2019-5418
This exercise details the exploitation of CVE-2019-5418 to get code execution
1-2 Hr. diffculty icon 474 small pro icon
basic beaker label Cross-Site WebSocket Hijacking
This exercise covers Cross-Site WebSocket Hijacking and how it can be used to gain access to sensitive information
< 1 Hr. diffculty icon 1051 small pro icon
basic beaker label JWT XII jwt
This exercise covers how to use the x5u header to bypass an authentication based on JWT.
1-2 Hr. diffculty icon 644 small pro icon
basic beaker label Cross-Origin Resource Sharing II
This exercise covers Cross-Origin Resource Sharing and how it can be used to get access to sensitive data.
< 1 Hr. diffculty icon 996 small pro icon
basic beaker label JWT XI jwt
This exercise covers how to use the jku header to bypass an authentication based on JWT.
1-2 Hr. diffculty icon 642 small pro icon
http label cve-2019-5420 II
This exercise details the exploitation of CVE-2019-5420 to gain code execution
1-2 Hr. diffculty icon 532 small pro icon
basic beaker label OAuth2: Client OpenRedirect
This exercise covers the exploitation of an OpenRedirect in an OAuth2 Client
< 1 Hr. diffculty icon 787 small pro icon
http label CVE-2019-5420
This exercise details the exploitation of CVE-2019-5420 to forge a session as another user
2-4 Hr. diffculty icon 837 small pro icon
basic beaker label JWT X jwt
This exercise covers how to use the jku header to bypass an authentication based on JWT.
< 1 Hr. diffculty icon 727 small pro icon
basic beaker label GraphQL: SQL Injection
This exercise covers how to use introspection and a SQL injection to get access to additional information in GraphQL.
1-2 Hr. diffculty icon 1353 small pro icon
basic beaker label OAuth2: Authorization Server OpenRedirect
This exercise covers the exploitation of an OpenRedirect in an OAuth2 Authorization Server
< 1 Hr. diffculty icon 899 small pro icon
basic beaker label JWT IX jwt
This exercise covers how to use the jku header to bypass an authentication based on JWT.
< 1 Hr. diffculty icon 847 small pro icon
http label Gogs RCE II
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
< 1 Hr. diffculty icon 568 small pro icon
basic beaker label JWT VIII jwt
This exercise covers how to use the jku header to bypass an authentication based on JWT.
1-2 Hr. diffculty icon 916 small pro icon
basic beaker label SAML: Signature Stripping
This exercise covers the exploitation of a signature stripping vulnerability in SAML
< 1 Hr. diffculty icon 1884 small pro icon
basic beaker label GraphQL Introspection
This exercise covers how to use introspection to get access to additional information in GraphQL.
< 1 Hr. diffculty icon 2193 small pro icon
http label Gogs RCE
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
1-2 Hr. diffculty icon 633 small pro icon
basic beaker label Android 07
This exercise will guide you through the process of reversing a simple obfuscated Android code to recover the encrypted data
1-2 Hr. diffculty icon 1341 small pro icon
basic beaker label Android 06
This exercise will guide you through the process of reversing a simple obfuscated Android code to recover the encrypted data
< 1 Hr. diffculty icon 1573 small pro icon
basic beaker label Android 05
This exercise will guide you through the process of reversing a simple obfuscated Android code to recover the encrypted data
1-2 Hr. diffculty icon 1862 small pro icon
basic beaker label Ruby 2.x Universal RCE Deserialization Gadget Chain
This exercise covers how to get code execution by using a Ruby Universal Gadget when an attacker controls the data passed to Marshal.load()
< 1 Hr. diffculty icon 1331 small pro icon
http label CVE-2018-10933: LibSSH auth bypass
This exercise covers how to bypass authentication on an SSH server based on libssh to gain a shell on the affected system
-- diffculty icon 0 small free icon
basic beaker label Android 04
This exercise will guide you through the process of reversing a simple Android code
< 1 Hr. diffculty icon 2372 small pro icon
basic beaker label Android 03
This exercise will guide you through the process of extracting simple information from an APK
< 1 Hr. diffculty icon 3171 small pro icon
sqli label From SQL injection to Shell III SQL Injection
This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using ImageTragick
1-2 Hr. diffculty icon 1068 small pro icon
basic beaker label Android 02
This exercise will guide you through the process of extracting data from a simple database used by an Android app
< 1 Hr. diffculty icon 3451 small pro icon
basic beaker label IDOR to Shell
This exercise covers how to get code execution by chaining vulnerabilities in a Ruby-on-Rails application
1-2 Hr. diffculty icon 995 small pro icon
basic beaker label Android 01
This exercise will guide you through the process of extracting simple information from an APK
< 1 Hr. diffculty icon 3749 small pro icon
basic beaker label Introduction to CSP
This exercise details the exploitation of a XSS in a simple web application that uses Content Security Policy
< 1 Hr. diffculty icon 2370 small pro icon
http label CVE-2018-11235: Git Submodule RCE
This exercise details the exploitation of a vulnerability in Git Sub module that can be used to get command execution
2-4 Hr. diffculty icon 494 small pro icon
basic beaker label Git Information Leak II
This exercise details how to retrieve information from an exposed .git directory on a web server, provided directory listing is disabled
< 1 Hr. diffculty icon 2488 small pro icon
basic beaker label Git Information Leak
This exercise details how to retrieve information from an exposed .git directory on a web server
< 1 Hr. diffculty icon 3367 small pro icon
basic beaker label JWT VII jwt
This exercise covers the exploitation of a website using JWT for session without verifying the signature
< 1 Hr. diffculty icon 3211 small pro icon
http label CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict
This exercise covers the exploitation of HTTPoxy against an old version of Golang
< 1 Hr. diffculty icon 888 small pro icon
basic beaker label Unix 31
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 13681 small pro icon
basic beaker label Unix 30
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 13712 small pro icon
basic beaker label Unix 25
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14366 small pro icon
basic beaker label Unix 32
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 13658 small pro icon
basic beaker label Unix 34
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 13590 small pro icon
basic beaker label Unix 33
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 13627 small pro icon
basic beaker label Unix 27
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14188 small pro icon
basic beaker label Unix 29
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14112 small pro icon
basic beaker label Unix 28
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14135 small pro icon
basic beaker label Unix 26
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14273 small pro icon
basic beaker label CBC-MAC II Crypto
This exercise covers the exploitation of an application using CBC-MAC when an attacker has control over the IV
1-2 Hr. diffculty icon 1663 small pro icon
basic beaker label JWT VI jwt
This exercise covers the exploitation of an injection in the kid element of a JWT. This injection can be used to bypass the signature mechanism
< 1 Hr. diffculty icon 2444 small pro icon
http label CVE-2018-6574: go get RCE
This exercise covers a remote command execution in Golang's go get command.
< 1 Hr. diffculty icon 851 small pro icon
basic beaker label Unix 11
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 19194 small pro icon
basic beaker label Unix 12
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 18682 small pro icon
basic beaker label Unix 13
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 17829 small pro icon
basic beaker label Unix 14
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 17400 small pro icon
basic beaker label Unix 15
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 15881 small pro icon
basic beaker label Unix 16
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 15518 small pro icon
basic beaker label Unix 17
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 15750 small pro icon
basic beaker label Unix 18
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 15674 small pro icon
basic beaker label Unix 19
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 15580 small pro icon
basic beaker label Unix 20
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14627 small pro icon
basic beaker label Unix 21
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14815 small pro icon
basic beaker label Unix 22
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14685 small pro icon
basic beaker label Unix 23
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14456 small pro icon
basic beaker label Unix 24
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 14371 small pro icon
basic beaker label JWT V jwt
This exercise covers the exploitation of a trivial secret used to sign JWT tokens.
< 1 Hr. diffculty icon 2917 small pro icon
http label CVE-2018-0114 jwt
This exercise details the exploitation of a vulnerability in Cisco's node-jose, a JavaScript library created to manage JWT
2-4 Hr. diffculty icon 1779 small pro icon
basic beaker label JWT IV jwt
This exercise covers the exploitation of a vulnerability similar to the recent CVE-2017-17405 impacting Ruby Net::FTP
< 1 Hr. diffculty icon 2593 small pro icon
basic beaker label CBC-MAC Crypto
This exercise covers the exploitation of signature of non-fixed size messages with CBC-MAC
1-2 Hr. diffculty icon 1624 small pro icon
basic beaker label JWT kid Injection jwt
This exercise covers the exploitation of an issue in the usage of JWT token
1-2 Hr. diffculty icon 2800 small pro icon
basic beaker label Code Execution 09
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 10457 small pro icon
basic beaker label Server Side Template Injection 02
This exercise is one of our challenges on Server-Side Template Injection
< 1 Hr. diffculty icon 8237 small pro icon
basic beaker label MongoDB Injection 02
This exercise is one of our challenges on vulnerabilities related to MongoDB
1-2 Hr. diffculty icon 8244 small pro icon
basic beaker label Authorization 06
This exercise is one of our challenges on Authorisation issues
< 1 Hr. diffculty icon 14301 small pro icon
basic beaker label Code Execution 08
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 10554 small pro icon
basic beaker label Authorization 04
This exercise is one of our challenges on Authorisation issues
< 1 Hr. diffculty icon 15457 small pro icon
basic beaker label Authorization 05
This exercise is one of our challenges on Authorisation issues
< 1 Hr. diffculty icon 14906 small pro icon
basic beaker label Command Execution 03
This exercise is one of our challenges on Command Execution
< 1 Hr. diffculty icon 10903 small pro icon
basic beaker label Server Side Template Injection 01
This exercise is one of our challenges on Server-Side Template Injection
< 1 Hr. diffculty icon 8226 small pro icon
basic beaker label Code Execution 05
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 12033 small pro icon
basic beaker label Code Execution 06
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 11778 small pro icon
basic beaker label Code Execution 07
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 11525 small pro icon
basic beaker label Introduction to code review
This exercise covers the different ways to perform code review. It also contains a simple application to review to help you get started.
-- diffculty icon 0 small free icon
basic beaker label S2-052
This exercise covers the exploitation of the Struts S2-052 vulnerability
< 1 Hr. diffculty icon 2461 small free icon
sqli label SQL Injection 06 SQL Injection
This exercise is one of our challenges on SQL Injections
< 1 Hr. diffculty icon 9031 small pro icon
basic beaker label XML Attacks 01
This exercise is one of our challenges on vulnerabilities related to XML processing
< 1 Hr. diffculty icon 8740 small pro icon
basic beaker label XML Attacks 02
This exercise is one of our challenges on vulnerabilities related to XML processing
< 1 Hr. diffculty icon 8271 small pro icon
sqli label SQL Injection 04 SQL Injection
This exercise is one of our challenges on SQL Injections
< 1 Hr. diffculty icon 9578 small pro icon
sqli label SQL Injection 05 SQL Injection
This exercise is one of our challenges on SQL Injections
< 1 Hr. diffculty icon 9483 small pro icon
sqli label SQL Injection 01 SQL Injection
This exercise is one of our challenges on SQL Injections
< 1 Hr. diffculty icon 10931 small pro icon
sqli label SQL Injection 02 SQL Injection
This exercise is one of our challenges on SQL Injections
< 1 Hr. diffculty icon 10452 small pro icon
sqli label SQL Injection 03 SQL Injection
This exercise is one of our challenges on SQL Injections
< 1 Hr. diffculty icon 10144 small pro icon
basic beaker label Code Execution 02
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 13335 small pro icon
basic beaker label Authorization 03
This exercise is one of our challenges on Authorisation issues
< 1 Hr. diffculty icon 16436 small pro icon
basic beaker label Command Execution 01
This exercise is one of our challenges on Command Execution
< 1 Hr. diffculty icon 11377 small pro icon
basic beaker label Command Execution 02
This exercise is one of our challenges on Command Execution
< 1 Hr. diffculty icon 11028 small pro icon
http label Server Side Request Forgery 04
This exercise is one of our challenges on Server-Side Request Forgery
< 1 Hr. diffculty icon 9371 small pro icon
basic beaker label Open Redirect 01
This exercise is one of our challenges on Open Redirect
< 1 Hr. diffculty icon 9675 small pro icon
basic beaker label Open Redirect 02
This exercise is one of our challenges on Open Redirect
< 1 Hr. diffculty icon 9364 small pro icon
basic beaker label MongoDB Injection 01
This exercise is one of our challenges on vulnerabilities related to MongoDB
< 1 Hr. diffculty icon 9772 small pro icon
basic beaker label SAML: Introduction
This exercise covers the exploitation of a signature stripping vulnerability in SAML
< 1 Hr. diffculty icon 2621 small pro icon
http label Server Side Request Forgery 02
This exercise is one of our challenges on Server-Side Request Forgery
< 1 Hr. diffculty icon 9720 small pro icon
http label Server Side Request Forgery 03
This exercise is one of our challenges on Server-Side Request Forgery
< 1 Hr. diffculty icon 9681 small pro icon
http label Server Side Request Forgery 01
This exercise is one of our challenges on Server-Side Request Forgery
< 1 Hr. diffculty icon 9896 small pro icon
csrf label XSS 09 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 8794 small pro icon
csrf label XSS 10 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 8155 small pro icon
basic beaker label Directory Traversal 01
This exercise is one of our challenges on Directory Traversal
< 1 Hr. diffculty icon 11612 small pro icon
basic beaker label Directory Traversal 02
This exercise is one of our challenges on Directory Traversal
< 1 Hr. diffculty icon 11391 small pro icon
basic beaker label Directory Traversal 03
This exercise is one of our challenges on Directory Traversal
< 1 Hr. diffculty icon 11251 small pro icon
csrf label XSS 02 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 10363 small pro icon
csrf label XSS 03 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 9991 small pro icon
csrf label XSS 04 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 9512 small pro icon
csrf label XSS 05 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 9226 small pro icon
csrf label XSS 06 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 9180 small pro icon
csrf label XSS 07 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 9025 small pro icon
csrf label XSS 08 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 8892 small pro icon
basic beaker label File Upload 01
This exercise is one of our challenges on Upload vulnerabilities
< 1 Hr. diffculty icon 8990 small pro icon
basic beaker label File Upload 02
This exercise is one of our challenges on Upload vulnerabilities
< 1 Hr. diffculty icon 8873 small pro icon
csrf label XSS 01 XSS
This exercise is one of our challenges on Cross-Site Scripting
< 1 Hr. diffculty icon 10790 small pro icon
basic beaker label Authentication 05
This exercise is one of our challenges on Authentication issues
< 1 Hr. diffculty icon 16871 small pro icon
basic beaker label Code Execution 03
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 12658 small pro icon
basic beaker label Code Execution 04
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 12418 small pro icon
basic beaker label File Include 01
This exercise is one of our challenges on File Include vulnerabilities
< 1 Hr. diffculty icon 10717 small pro icon
basic beaker label File Include 02
This exercise is one of our challenges on File Include vulnerabilities
< 1 Hr. diffculty icon 10450 small pro icon
basic beaker label LDAP 01
This exercise is one of our challenges on vulnerabilities related to LDAP
< 1 Hr. diffculty icon 10389 small pro icon
basic beaker label LDAP 02
This exercise is one of our challenges on vulnerabilities related to LDAP
< 1 Hr. diffculty icon 9936 small pro icon
basic beaker label Authentication 04
This exercise is one of our challenges on Authentication issues
< 1 Hr. diffculty icon 17643 small pro icon
basic beaker label Authentication 01
This exercise is one of our challenges on Authentication issues
< 1 Hr. diffculty icon 19172 small pro icon
basic beaker label Authentication 02
This exercise is one of our challenges on Authentication issues
< 1 Hr. diffculty icon 18515 small pro icon
basic beaker label Authentication 03
This exercise is one of our challenges on Authentication issues
< 1 Hr. diffculty icon 17974 small pro icon
basic beaker label Authorization 01
This exercise is one of our challenges on Authorisation issues
< 1 Hr. diffculty icon 17007 small pro icon
basic beaker label Authorization 02
This exercise is one of our challenges on Authorisation issues
< 1 Hr. diffculty icon 16686 small pro icon
basic beaker label Code Execution 01
This exercise is one of our challenges on Code Execution
< 1 Hr. diffculty icon 14164 small pro icon
http label CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
< 1 Hr. diffculty icon 3645 small pro icon
basic beaker label Cipher block chaining Crypto
This exercise details how to tamper with data encrypted using CBC
1-2 Hr. diffculty icon 2846 small pro icon
basic beaker label Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
< 1 Hr. diffculty icon 2697 small pro icon
http label CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
< 1 Hr. diffculty icon 3558 small pro icon
http label CVE-2014-4511: Gitlist RCE
This exercise explains how you can exploit a vulnerability published in 2014 in Gitlist.
< 1 Hr. diffculty icon 9 small free icon
basic beaker label ECDSA Crypto
This exercise covers the exploitation of a weakness in the usage of ECDSA
2-4 Hr. diffculty icon 343 small pro icon
basic beaker label Werkzeug DEBUG
This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask
< 1 Hr. diffculty icon 1573 small pro icon
basic beaker label Padding Oracle
This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data
1-2 Hr. diffculty icon 820 small free icon
basic beaker label Unickle
This challenge was written for Ruxcon CTF 2015. It's an SQL injection mixed with a remote code execution.
1-2 Hr. diffculty icon 659 small pro icon
http label CVE-2015-3224
This exercise is a challenge written for Nullcon CTF in 2015
< 1 Hr. diffculty icon 1586 small pro icon
basic beaker label Luhn
This challenge was written for Ruxcon CTF 2015. It's an SQL injection with a twist
2-4 Hr. diffculty icon 605 small pro icon
http label CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
< 1 Hr. diffculty icon 3912 small pro icon
basic beaker label JWT Algorithm Confusion jwt
This exercise covers the exploitation of an issue with some implementations of JWT
1-2 Hr. diffculty icon 3655 small pro icon
http label CVE-2016-0792
This exercise covers the exploitation of an Xstream vulnerability in Jenkins
< 1 Hr. diffculty icon 4682 small pro icon
basic beaker label ObjectInputStream
This exercise covers the exploitation of a call to readObject in a Spring application
< 1 Hr. diffculty icon 4204 small pro icon
basic beaker label XMLDecoder
This exercise covers the exploitation of an application using XMLDecoder
< 1 Hr. diffculty icon 5241 small pro icon
basic beaker label CVE-2014-1266
This exercise covers how to intercept an HTTPs connection
1-2 Hr. diffculty icon 1054 small pro icon
basic beaker label CVE-2011-0228
This exercise covers how to intercept an HTTPs connection
1-2 Hr. diffculty icon 1207 small pro icon
basic beaker label Intercept 03
This exercise covers how to intercept an HTTPs connection with hostname verification.
< 1 Hr. diffculty icon 1485 small pro icon
basic beaker label Intercept 02
This exercise covers how to intercept an HTTPs connection.
< 1 Hr. diffculty icon 1639 small pro icon
basic beaker label Intercept 01
This exercise covers how to intercept an HTTP connection.
1-2 Hr. diffculty icon 1810 small pro icon
basic beaker label Struts devMode
This exercise covers how to get code execution when a Struts application is running in devMode
-- diffculty icon 0 small pro icon
basic beaker label JSON Web Token None Algorithm jwt
This exercise covers the exploitation of a signature weakness in a JWT library.
< 1 Hr. diffculty icon 9791 small pro icon
basic beaker label Cross-Origin Resource Sharing
This exercise covers Cross-Origin Resource Sharing and how it can be used to bypass CSRF protection if it's misconfigured
-- diffculty icon 0 small pro icon
api label API to Shell API
This exercise covers the exploitation of PHP type confusion to bypass a signature and the exploitation of unserialize.
2-4 Hr. diffculty icon 3388 small pro icon
basic beaker label Pickle Code Execution
This exercise covers the exploitation of Python's pickle when used to deserialize untrusted data
< 1 Hr. diffculty icon 6259 small pro icon
basic beaker label Play XML Entities
This exercise covers the exploitation of XML entities in the Play framework
1-2 Hr. diffculty icon 2196 small free icon
http label CVE-2014-6271/Shellshock
This exercise covers the exploitation of a Bash vulnerability through a CGI.
< 1 Hr. diffculty icon 8732 small free icon
basic beaker label Play Session Injection
This exercise covers the exploitation of a session injection in the Play framework. This issue can be used to tamper with the content of the session while bypassing the signing mechanism
< 1 Hr. diffculty icon 2821 small free icon
http label CVE-2007-1860: mod_jk double-decoding
This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
1-2 Hr. diffculty icon 5962 small free icon
sqli label XSS and MySQL FILE XSS
This exercise explains how to exploit a Cross-Site Scripting vulnerability to obtain an administrator's cookies, and how you can use their session to gain access to the administration panel, and find a SQL injection to gain code execution
-- diffculty icon 0 small free icon
basic beaker label Electronic Code Book Crypto
This exercise explains how you can tamper with encrypted cookies to access another user's account
1-2 Hr. diffculty icon 5718 small free icon
basic beaker label Web for Pentester II
This exercise is a set of the most common web vulnerabilities.
-- diffculty icon 0 small free icon
sqli label From SQL Injection to Shell II SQL Injection
This exercise explains how you can, from a blind SQL injection, gain access to the administration console. Then once in the administration console, how you can run commands on the system.
1-2 Hr. diffculty icon 33 small free icon
http label CVE-2012-6081: MoinMoin code execution
This exercise explains how you can exploit CVE-2012-6081 to gain code execution. This vulnerability was exploited to compromise Debian's wiki and Python documentation website
-- diffculty icon 0 small free icon
basic beaker label Web for Pentester
This exercise is a set of the most common web vulnerabilities.
-- diffculty icon 0 small free icon
basic beaker label Axis2 Web service and Tomcat Manager
This exercise explains the interactions between Tomcat and Apache, then it shows how to call and attack an Axis2 Web service. Using information retrieved from this attack, you will be able to gain access to the Tomcat Manager and deploy a WebShell to gain command execution.
-- diffculty icon 0 small free icon
http label CVE-2008-1930: WordPress Cookie Integrity Flaw
This exercise explains how you can exploit CVE-2008-1930 to gain access to the administration interface of a Wordpress installation.
< 1 Hr. diffculty icon 17 small free icon
sqli label From SQL Injection to Shell: PostgreSQL edition SQL Injection
This exercise explains how you can from a SQL injection gain access to the administration console, and from there, how you can run commands on the underlying system
< 1 Hr. diffculty icon 10 small free icon
basic beaker label Rack Cookies and Commands injection
After a short brute force introduction, this exercise explains the tampering of rack cookies and how you can even manage to modify a signed cookie (if the secret is trivial). Using this issue, you will be able to escalate your privileges and gain command execution
-- diffculty icon 0 small free icon
basic beaker label Linux Host Review
This exercise explains how to perform a Linux host review, what and how you can check the configuration of a Linux server to ensure it is securely configured. The reviewed system is a traditional Linux-Apache-Mysql-PHP (LAMP) server used to host a blog.
-- diffculty icon 0 small free icon
http label CVE-2012-2661: ActiveRecord SQL injection
This exercise explains how you can exploit CVE-2012-2661 to retrieve information from a database
-- diffculty icon 0 small free icon
http label CVE-2012-1823: PHP CGI
This exercise explains how you can exploit CVE-2012-1823 to retrieve the source code of an application and gain code execution.
-- diffculty icon 0 small free icon
basic beaker label PHP Include And Post Exploitation
This exercise describes the exploitation of a local file include with limited access. Once code execution is gained, you will see some post exploitation tricks.
-- diffculty icon 0 small free icon
sqli label From SQL Injection to Shell SQL Injection
This exercise demonstrates how to leverage a SQL injection to gain access to the admin console, and from there, how to execute commands on the underlying system
< 1 Hr. diffculty icon 7982 small free icon
basic beaker label Introduction 01
This exercise will guide through the process of scoring an exercise to mark it as completed
< 1 Hr. diffculty icon 29045 small pro icon
basic beaker label Introduction 02
This exercise will guide through the process of scoring an exercise to mark it as completed. Finding the key is just a little bit harder than the previous exercise.
< 1 Hr. diffculty icon 28675 small pro icon
basic beaker label Introduction 03
This exercise will guide through the process of scoring an exercise to mark it as completed. However, this time, you will run commands on the underlying operating system. You will need to run the score command with your UUID.
< 1 Hr. diffculty icon 28022 small pro icon
basic beaker label Introduction 00
This exercise will guide you through the process of scoring on an exercise to get it marked as completed
< 1 Hr. diffculty icon 30041 small pro icon
basic beaker label Unix 00
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 25125 small pro icon
basic beaker label Unix 01
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 24507 small pro icon
basic beaker label Unix 02
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 24213 small pro icon
basic beaker label Unix 03
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 23890 small pro icon
basic beaker label Unix 04
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 23561 small pro icon
basic beaker label Unix 05
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 22398 small pro icon
basic beaker label Unix 06
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 21475 small pro icon
basic beaker label Unix 07
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 21100 small pro icon
basic beaker label Unix 08
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 20757 small pro icon
basic beaker label Unix 09
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 20109 small pro icon
basic beaker label Unix 10
This exercise is one of our challenges to help you learn more about Unix/Linux
< 1 Hr. diffculty icon 19573 small pro icon
basic beaker label PCAP 01
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 7494 small pro icon
basic beaker label PCAP 02
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 7311 small pro icon
basic beaker label PCAP 03
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 7217 small pro icon
basic beaker label PCAP 04
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6955 small pro icon
basic beaker label PCAP 05
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6834 small pro icon
basic beaker label PCAP 06
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6731 small pro icon
basic beaker label PCAP 07
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6670 small pro icon
basic beaker label PCAP 08
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6609 small pro icon
basic beaker label PCAP 09
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6574 small pro icon
basic beaker label PCAP 10
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6247 small pro icon
basic beaker label PCAP 11
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6243 small pro icon
basic beaker label PCAP 12
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6225 small pro icon
basic beaker label PCAP 13
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6269 small pro icon
basic beaker label PCAP 14
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6243 small pro icon
basic beaker label PCAP 15
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6226 small pro icon
basic beaker label PCAP 16
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6200 small pro icon
basic beaker label PCAP 17
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6144 small pro icon
basic beaker label PCAP 18
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6138 small pro icon
basic beaker label PCAP 19
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 6115 small pro icon
basic beaker label PCAP 20
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5992 small pro icon
basic beaker label PCAP 21
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5932 small pro icon
basic beaker label PCAP 22
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5923 small pro icon
basic beaker label PCAP 23
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5911 small pro icon
basic beaker label PCAP 24
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5899 small pro icon
basic beaker label PCAP 25
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5899 small pro icon
basic beaker label PCAP 26
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5893 small pro icon
basic beaker label PCAP 27
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5840 small pro icon
basic beaker label PCAP 28
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5813 small pro icon
basic beaker label PCAP 29
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5797 small pro icon
basic beaker label PCAP 30
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5770 small pro icon
basic beaker label PCAP 31
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5748 small pro icon
basic beaker label PCAP 32
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5668 small pro icon
basic beaker label PCAP 33
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5564 small pro icon
basic beaker label PCAP 34
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5633 small pro icon
basic beaker label PCAP 35
This exercise is one of our challenges to help you learn how to analyze PCAP files
< 1 Hr. diffculty icon 5709 small pro icon
basic beaker label Android 08
This exercise will guide you through the process of reversing a simple obfuscated Android code to recover the encrypted data
1-2 Hr. diffculty icon 1269 small pro icon
code review label Code Review 01
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 645 small pro icon
recon label Recon 00
This exercise covers the robots.txt file
< 1 Hr. diffculty icon 18261 small free icon
recon label Recon 02
This exercise covers the security.txt file
< 1 Hr. diffculty icon 15219 small free icon
recon label Recon 03
This exercise covers directory listing
< 1 Hr. diffculty icon 13562 small free icon
recon label Recon 10
This exercise covers visual content discovery
< 1 Hr. diffculty icon 5675 small free icon
recon label Recon 09
< 1 Hr. diffculty icon 8749 small free icon
code review label Code Review 17
This exercise is one of our challenges to help you learn how to review real source code
1-2 Hr. diffculty icon 196 small pro icon
code review label Java Snippet #01
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1427 small pro icon
code review label Java Snippet #02
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1385 small pro icon
code review label Java Snippet #03
This challenge covers the review of a snippet of code written in Java
< 1 Hr. diffculty icon 1233 small pro icon
code review label CVE-2021-4xx50
This challenge covers the review of a CVE and its patch
< 1 Hr. diffculty icon 603 small pro icon
No search results found...