Thanks to visit codestin.com
Credit goes to pentesterlab.com

Exercises

Exercise Avg. Time Difficulty Solved by Tier
H2 INIT Parameter RCE < 1 Hr. hard 7 PRO
SAML: Transform RCE
This exercise covers the exploitation of an RCE in SAML by leveraging a vulnerable version of xmlsec
< 1 Hr. medium 6 PRO
Web Fundamentals: WebDAV Introduction -- hard 50 PRO
Web Fundamentals: Browser Storage -- hard 50 PRO
Web Fundamentals: Proxy -- hard 49 PRO
Web Fundamentals: GraphQL -- hard 59 PRO
Web Fundamentals: CORS Introduction -- hard 57 PRO
Web Fundamentals: Same-Origin Policy Introduction -- hard 54 PRO
Web Fundamentals: WebSockets -- hard 60 PRO
Web Fundamentals: API -- hard 65 PRO
Web Fundamentals: Server-Side Code -- hard 73 PRO
Web Fundamentals: Client-Side Code -- hard 74 PRO
Web Fundamentals: Databases -- hard 68 PRO
Web Fundamentals: Sessions -- hard 65 PRO
JS Sandbox: static-eval Function Property Blocked
This exercise covers bypassing post-2.0 static-eval that blocks member access on functions, using anonymous function bodies.
< 1 Hr. medium 14 PRO
JS Sandbox: vm.runInNewContext Null Prototype
This exercise covers escaping vm.runInNewContext when the context is created with Object.create(null) so this.constructor is undefined.
< 1 Hr. medium 15 PRO
JS Sandbox: vm.runInNewContext Restricted Globals
This exercise covers escaping vm.runInNewContext when specific safe objects are provided but frozen, using Error objects or Promise callbacks.
< 1 Hr. medium 13 PRO
JS Sandbox: static-eval Destructuring Parameter Bypass
This exercise covers bypassing static-eval parameter validation using destructured parameters (ObjectPattern).
< 1 Hr. medium 10 PRO
JS Sandbox: static-eval Direct Constructor Access
This exercise covers exploiting the original unpatched static-eval with unrestricted property access on functions.
< 1 Hr. medium 14 PRO
CVE-2026-XX242
This challenge covers the review of a CVE in a python codebase and its patch
< 1 Hr. hard 38 PRO
CVE-2026-XX738
This challenge covers the review of a CVE in a python codebase and its patch
< 1 Hr. hard 35 PRO
Web Fundamentals: Introduction < 1 Hr. hard 130 PRO
JS Sandbox: vm.runInNewContext Empty Context
This exercise covers escaping Node.js vm.runInNewContext with an empty sandbox object via the constructor chain.
-- medium 16 PRO
JS Sandbox: Type Confusion Bypass
This exercise covers bypassing string sanitization by sending an object when the sanitizer expects a string.
-- medium 18 PRO
JS Sandbox: AST-Based Filtering
This exercise covers bypassing AST-based sandbox filtering using computed property access or Reflect.get().
-- medium 18 PRO
JS Sandbox: Regex Filter Bypass
This exercise covers bypassing regex filters with hex escapes, unicode escapes, or base64 decoding.
< 1 Hr. medium 22 PRO
CVE-2026-XX27
This challenge covers the review of a CVE in a javascript codebase and its patch
-- hard 36 PRO
CVE-2026-XX822
This challenge covers the review of a CVE in a typescript codebase and its patch
< 1 Hr. hard 39 PRO
CVE-2024-X7X95
This challenge covers the review of a CVE in a JavaScript codebase and its patch
< 1 Hr. hard 30 PRO
CVE-2025-XXXXX
This challenge covers the review of a CVE in a JavaScript codebase and its patch
< 1 Hr. hard 32 PRO
1 2 3 4 25
Showing 1–30 of 748 exercises