Stylarox
App - Script
Points /15
- x Bash - System 1
- x sudo - weak configuration
- x Bash - System 2
- x Perl - Command injection
- x Bash - cron
- x Python - input()
- x Python - pickle
- x SSH Agent Hijacking
- x Python - PyJail 1
- x Bash/Awk - netstat parsing
- x Python - PyJail 2
- x Python - Jail - Exec
- x Javascript - Jail
- x Python - Jail - Garbage collector
- x Restricted shells
0%
App - Sistema
Points /65
- x ELF x86 - Stack buffer overflow basic 1
- x ELF x86 - Stack buffer overflow basic 2
- x ELF x86 - Format string bug basic 1
- x ELF x64 - Stack buffer overflow - basic
- x ELF x86 - Format string bug basic 2
- x ELF x86 - Race condition
- x ELF ARM - Stack buffer overflow - basic
- x ELF MIPS - Stack buffer overflow - No NX
- x ELF x86 - Stack buffer overflow basic 3
- x ELF ARM - Stack Spraying
- x ELF x86 - BSS buffer overflow
- x ELF x86 - Stack buffer overflow basic 4
- x ELF x86 - Stack buffer overflow basic 6
- x ELF x86 - Format String Bug Basic 3
- x ELF ARM - Basic ROP
- x ELF MIPS - Basic ROP
- x ELF x86 - Stack buffer overflow - C++ vtables
- x ELF x64 - Logic bug
- x ELF x86 - Bug Hunting - Several issues
- x ELF x86 - Stack buffer and integer overflow
- x ELF x86 - Stack buffer overflow basic 5
- x ELF x64 - Stack buffer overflow - advanced
- x ELF MIPS - Format String Glitch
- x ELF x86 - Information leakage with Stack Smashing Protector
- x ELF ARM - Race condition
- x ELF x64 - Browser exploit - Intro
- x ELF x86 - Out of bounds attack - French Paradox
- x ELF x86 - Remote BSS buffer overflow
- x ELF x86 - Remote Format String bug
- x ELF x64 - Remote heap buffer overflow - fastbin
- x ELF x86 - Blind remote format string bug
- x LinKern ARM - vulnerable syscall
- x LinKern x86 - Buffer overflow basic 1
- x LinKern x86 - Null pointer dereference
- x LinKern x64 - Race condition
- x ELF ARM - Alphanumeric shellcode
- x ELF MIPS - URLEncoded Format String bug
- x ELF x86 - Hardened binary 1
- x ELF x86 - Hardened binary 2
- x ELF x86 - Hardened binary 3
- x ELF x86 - Hardened binary 4
- x LinKern MIPSel - Vulnerable ioctl
- x LinKern x64 - reentrant code
- x ELF ARM - Heap format string bug
- x ELF x64 - Sigreturn Oriented Programming
- x LinKern x86 - basic ROP
- x ELF ARM - Format String bug
- x ELF ARM - Use After Free
- x ELF x64 - Heap feng-shui
- x ELF x64 - Off-by-one bug
- x ELF x86 - Hardened binary 5
- x LinKern ARM - Stack Overflow
- x ELF ARM - Heap Off-by-One
- x ELF x64 - Remote Heap buffer overflow 1
- x ELF x86 - Hardened binary 6
- x ELF x86 - Hardened binary 7
- x ELF x86 - Remote stack buffer overflow - Hardened
- x ELF ARM - Heap buffer overflow - Wilderness
- x ELF ARM - Heap Overflow
- x ELF x64 - Seccomp Whitelist
- x ELF x86 - Blind ROP
- x Linkern x64 - Memory exploration
- x ELF x64 - Remote Heap buffer overflow 2
- x ELF x64 - Blind ROP
- x ELF x64 - Browser exploit - BitString
0%
Cracking
Points /32
- x ELF - 0 protection
- x ELF - x86 Basic
- x PE - 0 protection
- x ELF C++ - 0 protection
- x PE DotNet - 0 protection
- x ELF - Fake Instructions
- x ELF - Ptrace
- x ELF MIPS - Basic Crackme
- x ELF x64 - Golang basic
- x ELF ARM - Basic Crackme
- x PYC - ByteCode
- x ELF - No software breakpoints
- x MachO x64 - keygenme or not
- x ELF - CrackPass
- x ELF - ExploitMe
- x ELF - Random Crackme
- x ELF ARM - crackme 1337
- x GB - Basic GameBoy crackme
- x PDF - Javascript
- x Crackme automating
- x ELF ARM - Crypted
- x PE - SEHVEH
- x APK - Anti-debug
- x ELF - Anti-debug
- x ELF x64 - Nanomites - Introduction
- x PE - AutoPE
- x ELF - KeygenMe
- x ELF x64 - Anti-debug and equations
- x ELF - Packed
- x ELF x64 - Nanomites
- x PE - RunPE
- x ELF - VM
0%
Criptoanálisis
15 Points 3/43
- o Encoding - ASCII
- o Encoding - UU
- o Hash - Message Digest 5
- x Hash - SHA-2
- x Shift cipher
- x Pixel Madness
- x ELF64 - PID encryption
- x File - PKZIP
- x Monoalphabetic substitution - Caesar
- x Known plaintext - XOR
- x Code - Pseudo Random Number Generator
- x File - Insecure storage 1
- x Polyalphabetic substitution - Vigenère
- x System - Android lock pattern
- x Transposition - Rail Fence
- x AES - CBC - Bit-Flipping Attack
- x AES - ECB
- x LFSR - Known plaintext
- x RSA - Factorisation
- x RSA - Decipher Oracle
- x Service - Timing attack
- x Monoalphabetic substitution - Polybe
- x Initialisation Vector
- x GEDEFU
- x RSA - Corrupted key V1
- x RSA - Continued fractions
- x RSA - Common modulus
- x Service - Hash length extension attack
- x AES - 4 Rounds
- x RSA - Padding
- x AES128 - CTR
- x Discrete logarithm problem
- x RSA - Corrupted key V2
- x RSA - Multiple recipients
- x AES - Fault attack #1
- x Enigma Machine
- x ECDHE
- x Service - CBC Padding
- x Polyalphabetic substitution - One Time Pad
- x White-Box Cryptography
- x AES - Weaker variant
- x Hash - SHA-3
- x AES - Fault attack #2
7%
Forense
Points /23
- x Command & Control - level 2
- x Logs analysis - web attack
- x Command & Control - level 5
- x Find the cat
- x Ugly Duckling
- x Active Directory - GPO
- x Command & Control - level 3
- x DNS exfiltration
- x Command & Control - level 4
- x Job interview
- x Homemade keylogger
- x Malicious Word macro
- x Ransomware Android
- x Insomni’Droid
- x Multi-devices
- x Root My Droid
- x Rootkit - Cold case
- x Command & Control - level 6
- x Find me
- x Second job interview
- x Find me again
- x Zeus Bot
- x Try again
0%
Programación
Points /11
- x Go back to college
- x Encoded string
- x The Roman’s wheel
- x Uncompress me
- x CAPTCHA me if you can
- x Arithmetic progression
- x ELF x64 - Shellcoding - Sheep warmup
- x ELF x64 - Shellcoding - Polymorphism
- x Quick Response Code
- x ELF x64 - Sandbox shellcoding
- x ELF x86 - Shellcoding - Alphanumeric
0%
Realista
Points /27
- x It happens, sometimes
- x P0wn3d
- x The h@ckers l4b
- x Neonazi inside
- x PyRat Auction
- x Root them
- x IPBX - call me maybe
- x Marabout
- x Root-We
- x Starbug Bounty
- x Ultra Upload
- x Imagick
- x MALab
- x Web TV
- x SamBox v2
- x SamCMS
- x SamBox v1
- x SAP Pentest 007
- x Crypto Secure
- x Bozobe Hospital
- x Red Pills
- x SamBox v3
- x ARM FTP Box
- x SAP Pentest 000
- x Bluebox 2 - Pentest
- x Bluebox - Pentest
- x Highway to shell
0%
Redes
Points /17
- x FTP - authentication
- x TELNET - authentication
- x ETHERNET - frame
- x Twitter authentication
- x CISCO - password
- x DNS - zone transfert
- x IP - Time To Live
- x LDAP - null bind
- x SIP - authentication
- x ETHERNET - Patched transmission
- x Global System Traffic for Mobile communication
- x SSL - HTTP exchange
- x Netfilter - common mistakes
- x SNMP - Authentification
- x Wired Equivalent Privacy
- x ICMP payload
- x XMPP - authentication
0%
Esteganografía
Points /17
- x Gunnm
- x Squared
- x Dot and next line
- x Steganomobile
- x Twitter Secret Messages
- x Some noise
- x George and Alfred
- x Audio stegano
- x Base Jumper
- x PDF Object
- x We need to go deeper
- x Angecryption
- x Kitty spy
- x LSB - Uncle Scrooge
- x Pixel Indicator Technique
- x Pixel Value Differencing
- x Crypt-art
0%
Web - Cliente
155 Points 10/19
- o HTML - disabled buttons
- o Javascript - Authentication
- o Javascript - Source
- o Javascript - Authentication 2
- o Javascript - Obfuscation 1
- o Javascript - Obfuscation 2
- o Javascript - Native code
- o Javascript - Obfuscation 3
- o XSS - Stored 1
- o CSRF - 0 protection
- x Flash - Authentication
- x CSRF - token bypass
- x XSS - Reflected
- x Javascript - Obfuscation 4
- x XSS - Stored 2
- x HTTP Response Splitting
- x Javascript - Obfuscation 5
- x XSS - Stored - filter bypass
- x XSS - DOM Based
53%
Web - Servidor
45 Points 4/57
- o HTML
- x HTTP - Open redirect
- x Command injection
- o Weak password
- x User-agent
- x Backup file
- x HTTP - POST
- o HTTP directory indexing
- x HTTP Headers
- x HTTP verb tampering
- x Install files
- o Improper redirect
- x CRLF
- x File upload - double extensions
- x File upload - MIME type
- x HTTP cookies
- x Directory traversal
- x File upload - null byte
- x PHP assert()
- x PHP filters
- x PHP register globals
- x File upload - ZIP
- x Command injection - Filter bypass
- x Local File Inclusion
- x Local File Inclusion - Double encoding
- x PHP - Loose Comparison
- x PHP preg_replace()
- x PHP type juggling
- x Remote File Inclusion
- x Server-side Template Injection
- x SQL injection - authentication
- x SQL injection - authentication - GBK
- x SQL injection - string
- x XSLT - Code execution
- x LDAP injection - authentication
- x NoSQL injection - authentication
- x Path Truncation
- x PHP Serialization
- x SQL injection - numeric
- x SQL Injection - Routed
- x SQL Truncation
- x XML External Entity
- x XPath injection - authentication
- x Java - Spring Boot
- x Local File Inclusion - Wrappers
- x PHP - Eval
- x SQL injection - Error
- x SQL injection - Insert
- x SQL injection - file reading
- x XPath injection - string
- x NoSQL injection - blind
- x SQL injection - Time based
- x Server Side Request Forgery
- x SQL injection - blind
- x LDAP injection - blind
- x XPath injection - blind
- x SQL injection - filter bypass
7%