enumeration & brute force - free https://tryhackme.com/r/room/enumerationbruteforce
session management - subscribers https://tryhackme.com/r/room/sessionmanagement
JWT - subscribers https://tryhackme.com/r/room/jwtsecurity
OAuth vulnerabilities - subscribers https://tryhackme.com/r/room/oauthvulnerabilities
multi-factor authentication - subscribers https://tryhackme.com/r/room/multifactorauthentications
Hammer CTF - subscribers https://tryhackme.com/r/room/hammer

advanced SQL injection - free https://tryhackme.com/r/room/advancedsqlinjection
NoSQL injection - free https://tryhackme.com/r/room/nosqlinjectiontutorial
XXE injection - subscribers https://tryhackme.com/r/room/xxeinjection
server side template injection - subscribers https://tryhackme.com/r/room/serversidetemplateinjection
LDAP injection - subscribers https://tryhackme.com/r/room/ldapinjection
ORM injection - subscribers https://tryhackme.com/r/room/orminjection
injectics CTF - subscribers. https://tryhackme.com/r/room/injectics

insecure deserialization - free https://tryhackme.com/r/room/insecuredeserialisation
SSRF - free ✅ https://tryhackme.com/r/room/ssrfhr
file inclusion path traversal - subscribers https://tryhackme.com/r/room/filepathtraversal
race conditions - subscribers https://tryhackme.com/r/room/raceconditionsattacks
prototype pollution - subscribers https://tryhackme.com/r/room/prototypepollution
Include CTF - subscribers https://tryhackme.com/r/room/include

HTTP request smuggling - free https://tryhackme.com/r/room/httprequestsmuggling
HTTP/2 request smuggling - free. https://tryhackme.com/r/room/http2requestsmuggling
request smuggling: websockets - subscribers https://tryhackme.com/r/room/wsrequestsmuggling
HTTP browser desync - subscribers https://tryhackme.com/r/room/requestsmugglingbrowserdesync
El Bandito CTF - subscribers https://tryhackme.com/r/room/elbandito

Provide feedback

Saved searches