|
[WHA-S] Background: SQL DML
Describes the SQL DML syntax.
|
2,516 people
|
60 minutes
|
Medium
|
FREE
|
|
Exploit Tech: Meet-in-the-middle Attack
Learn how the meet-in-the-middle attack works.
|
904 people
|
60 minutes
|
Very easy
|
FREE
|
|
FAT32 and NTFS File Systems
FAT32 and NTFS file systems
|
303 people
|
60 minutes
|
Easy
|
FREE
|
|
Exploit Tech: Length Eextension Attack
Learn how to compute another hash value from one hash value using a length extension attack on the MD5 hash function.
|
130 people
|
60 minutes
|
Easy
|
FREE
|
|
Exploit Tech: Format String Bug
Practice format string attacks using example code with format string bug vulnerability.
|
1,637 people
|
60 minutes
|
Easy
|
FREE
|
|
Exploit Tech: _IO_FILE Arbitrary Address Write
Learn an exploit that uses _IO_FILE to write a value to an arbitrary memory address.
|
537 people
|
90 minutes
|
Difficult
|
FREE
|
|
Number Theory 2
You will study Fermat's little theorem, Euler's theorem, and practice with soem integer classes in SageMath.
|
369 people
|
60 minutes
|
Easy
|
FREE
|
|
Web Hacking 101
Learn Web Hacking 101.
|
3,276 people
|
30 minutes
|
Very easy
|
FREE
|
|
Exercise: Blind SQL Injection
Improve your understanding of blind SQL injection by solving a wargame challenge.
|
4,430 people
|
120 minutes
|
Easy
|
FREE
|
|
Background: Web
In this lecture, you'll learn about the web and its components.
|
18,216 people
|
60 minutes
|
Easy
|
FREE
|
|
Background: Cookie & Session
Explain cookies and sessions.
|
11,282 people
|
60 minutes
|
Very easy
|
FREE
|
|
Block ciphers and modes of operation
Learn the different modes of operation for block ciphers, including ECB, CBC, and CTR.
|
172 people
|
30 minutes
|
Very easy
|
FREE
|
|
Background: HTTP/HTTPS
Learn about HTTP and HTTPS, the protocols used for web communication.
|
18,269 people
|
60 minutes
|
Easy
|
FREE
|
|
Sender
Learn the characteristics of keywords related to sender used in Solidity contracts and the vulnerabilities associated with them.
|
|
30 minutes
|
Easy
|
ENTERPRISE
|
|
Background: Web Browser
Learn about the concepts and roles of web browsers.
|
12,963 people
|
60 minutes
|
Easy
|
FREE
|
|
[WHA-C] Exercise: CSP Bypass
Let's solve CSP Bypass together.
|
952 people
|
90 minutes
|
Easy
|
FREE
|
|
Exercise: Command Injection
Executes the desired command via command injection.
|
1,908 people
|
30 minutes
|
Very easy
|
FREE
|
|
Background: Relational DBMS
In this lecture, you'll learn about relational database management systems and SQL.
|
5,274 people
|
60 minutes
|
Easy
|
FREE
|
|
ServerSide: Command Injection
Learn command injection, a server-side attack.
|
4,135 people
|
60 minutes
|
Very easy
|
FREE
|
|
ClientSide: XSS
Learn XSS, a common client-side attack.
|
8,334 people
|
90 minutes
|
Easy
|
FREE
|
|
ServerSide: SSRF
Learn about SSRF, a server-side attack.
|
3,369 people
|
60 minutes
|
Very easy
|
FREE
|
|
ClientSide: CSRF
Learn CSRF, a client-side attack.
|
6,385 people
|
60 minutes
|
Easy
|
FREE
|
|
Background: Linux Memory Layout
Describes the memory structure of a Linux process.
|
9,116 people
|
30 minutes
|
Very easy
|
FREE
|
|
ServerSide: SQL Injection
Learn about SQL Injection, a server-side attack.
|
5,355 people
|
90 minutes
|
Easy
|
FREE
|
|
Tool: Environment Setup⚙️
Describe how to use virtualization software to create the environment needed for roadmap
|
4,242 people
|
15 minutes
|
Very easy
|
FREE
|
|
Memory Corruption: Stack Buffer Overflow
We will examine the concept of stack buffer overflow and learn about the security threats that can arise from it.
|
3,727 people
|
60 minutes
|
Easy
|
FREE
|
|
Mitigation: Stack Canary
Learn about Stack Canary, which protects the return address from stack buffer overflow.
|
3,042 people
|
30 minutes
|
Very easy
|
FREE
|
|
Classical Ciphers
Learn the types of classic ciphers and how to attack them simply.
|
1,088 people
|
30 minutes
|
Very easy
|
FREE
|
|
Coding
Learn the basics of coding.
|
3,696 people
|
120 minutes
|
Easy
|
FREE
|
|
Background: Computer Architecture
Describes computer architecture, instruction set architecture, and x86-64 architecture.
|
9,971 people
|
30 minutes
|
Very easy
|
FREE
|
|
Exploit Tech: Return Address Overwrite
Learn the principles and methods of return address overwrite attacks through a simple example.
|
3,707 people
|
120 minutes
|
Easy
|
FREE
|
|
Exploit Tech: Return to Shellcode
Learn attack techniques for bypassing canary and hijacking execution flow to shellcode.
|
2,779 people
|
90 minutes
|
Easy
|
FREE
|
|
Memory Corruption: Double Free Bug
We will learn the causes and effects of the Double Free Bug and protection techniques to prevent it.
|
1,356 people
|
30 minutes
|
Very easy
|
FREE
|
|
x86 Assembly🤖: Essential Part(1)
Learn the fundamental assembly language for system hacking.
|
7,642 people
|
60 minutes
|
Very easy
|
FREE
|
|
Exploit Tech: Return to Library
Learn the principles and methods of attack techniques used for bypassing canaries and exploiting code in libraries.
|
2,437 people
|
90 minutes
|
Easy
|
FREE
|
|
Exploit Tech: Shellcode
Learn what shellcode is, how to write it, and how to debug it.
|
5,528 people
|
90 minutes
|
Easy
|
FREE
|
|
Background: Computer Architecture
Describes computer structure and instruction set structure, and the x86-64 architecture.
|
6,397 people
|
60 minutes
|
Easy
|
FREE
|
|
Background: Library - Static Link vs. Dynamic Link
Learn the concepts of libraries and links, PLT and GOT in Linux.
|
2,350 people
|
60 minutes
|
Easy
|
FREE
|
|
Background: ptmalloc2
Describes the main objects and memory management mechanisms of ptmalloc2.
|
754 people
|
90 minutes
|
Easy
|
FREE
|
|
x86 Assembly🤖: Essential Part(1)
Learn the necessary assembly language to learn reverse engineering.
|
5,218 people
|
60 minutes
|
Very easy
|
FREE
|
|
Introduction
Learn about the goals and objectives of the cryptography roadmap and the topics it covers.
|
1,637 people
|
15 minutes
|
Very easy
|
FREE
|
|
Hash Functions
Learn the role and types of hash algorithms and the Message Authentication Code (MAC) using them.
|
171 people
|
60 minutes
|
Very easy
|
FREE
|
|
Exploit Tech: Hook Overwrite
Describe hook overwrite attack techniques and practice with examples.
|
1,884 people
|
60 minutes
|
Very easy
|
FREE
|
|
Logical Bug: Type Error
Learn the bugs that can occur due to incorrect usage of data types.
|
1,111 people
|
60 minutes
|
Easy
|
FREE
|
|
Background: Binary
Describes what a binary is and the compilation process.
|
9,203 people
|
30 minutes
|
Very easy
|
FREE
|
|
Memory Corruption: Out of Bounds
Learn about the types of code with OOB vulnerability, and how OOB can be leveraged in attacks.
|
1,715 people
|
30 minutes
|
Very easy
|
FREE
|
|
Logical Bug: Command Injection
Let's learn about command injection vulnerabilities, which occurs by misusing functions that execute system commands.
|
1,180 people
|
30 minutes
|
Very easy
|
FREE
|
|
Background: Static Analysis vs. Dynamic Analysis
Describe the two branches of software analysis techniques, static and dynamic analysis, and the differences between the two.
|
3,016 people
|
15 minutes
|
Very easy
|
FREE
|
|
Reentrancy
Learn about re-entry attacks in smart contracts.
|
|
30 minutes
|
Easy
|
ENTERPRISE
|
|
Logical Bug: Path Traversal
Learn about path traversal vulnerabilities and how to leverage it in attacks.
|
1,157 people
|
30 minutes
|
Very easy
|
FREE
|