This section contains labs of the WAP Challenges course on Pentester Academy. We would highly recommend following the course and then attempting the labs below to better understand the objective of this section. 

User Avatar

Section Introduction and Challenge 1

Premium
User Avatar

Challenge 2: HTTP Form Attacks Reloaded

Premium
User Avatar

HTTP Basic Authentication Attack (Easy)

Premium
User Avatar

Basic Authentication and Form Bruteforcing ...

Premium
User Avatar

Challenge 5: Digest Authentication Attack

Premium
User Avatar

Challenge 6: Digest Authentication Reloaded

Premium
User Avatar

Challenge 8: Broken Authentication

Premium
User Avatar

Challenge 9: Session ID Analysis Solution

Premium
User Avatar

Challenge 10: Session ID Analysis II

Premium
User Avatar

Challenge 11: Session ID Analysis III

Premium
User Avatar

Challenge 12: Decrypting SSL Traffic

Premium
User Avatar

Challenge 13: HTTP Forensics

Premium
User Avatar

Challenge 14: HTTP Traffic File Carving

Premium
User Avatar

Challenge 15: HTTP Traffic File Carving II

Premium
User Avatar

Challenge 16: HTML Injection

Premium
User Avatar

Challenge 17: HTML Injection II

Premium
User Avatar

Challenge 18: HTML Injection III

Premium
User Avatar

Challenge 20: XSS

Premium
User Avatar

Challenge 21: XSS II

Premium
User Avatar

Challenge 22: XSS III

Premium
User Avatar

Challenge 23: XSS IV

Premium
User Avatar

Challenge 24: XSS V

Premium
User Avatar

Challenge 25: XSS VI

Premium
User Avatar

Challenge 26: XSS VII

Premium
User Avatar

Challenge 27: XSS VIII

Premium
User Avatar

Challenge 28: XSS IX

Premium
User Avatar

Challenge 29: XSS X

Premium
User Avatar

Challenge 30: XSS XI

Premium
User Avatar

Challenge 31: XSS XII

Premium
User Avatar

Challenge 32: XSS XIII

Premium
User Avatar

Challenge 35: XSS 16

Premium
User Avatar

Challenge 36: XSS 17

Premium
User Avatar

Unvalidated Redirects: As Easy as it Gets

Premium
User Avatar

Unvalidated Redirects: Decode Me!

Premium
User Avatar

Unvalidated Redirects: Daisy Chains!

Premium
User Avatar

Unvalidated Redirects: Hashing

Premium
User Avatar

Unvalidated Redirects: Hash with a ...

Premium
User Avatar

Unvalidated Redirects: No Hints this Time!

Premium
User Avatar

Unvalidated Redirects: Salt is included ...

Premium
User Avatar

Unvalidated Redirects: Security through ...

Premium
User Avatar

CSRF: If only all Pentests were this Easy!

Premium
User Avatar

CSRF: Not All Links are Clickable

Premium
User Avatar

CSRF: No he won't click your links!

Premium
User Avatar

CSRF: How about a POST?

Premium
User Avatar

CSRF: Would hate a predictable life!

Premium
User Avatar

CSRF: Mutual Exclusivity is Important for ...

Premium
User Avatar

CSRF: Wow! This just got hard!

Premium
User Avatar

CSRF: We only hire after Reference Checks!

Premium
User Avatar

CSRF: What's in a Name?

Premium
User Avatar

CSRF: Custom Code is Always a Target!

Premium
User Avatar

CSRF: O! Token Where do you hide?

Premium
User Avatar

CSRF: The Web is Cross Domain :)

Premium