PortSwigger - Authentication - Lab 11
Lab 11 - Password reset poisoning via middleware Lab Objective: This lab is vulnerable to password reset poisoning. The user carlos will carelessly click on any links in emails that he receives...
Lab 10 - Offline password cracking Lab Objective: This lab stores the user’s password hash in a cookie. The lab also contains an XSS vulnerability in the comment functionality. To solve the lab...
Lab 9 - Brute-forcing a stay-logged-in cookie Lab Objective: This lab allows users to stay logged in even after they close their browser session. The cookie used to provide this functionality i...
Lab 8 - 2FA broken logic Lab Objective: This lab’s two-factor authentication is vulnerable due to its flawed logic. To solve the lab, access Carlos’s account page Your credentials: wiener:pet...
Lab 7 - Authentication - Username enumeration via account lock Lab Objective: This lab is vulnerable to username enumeration. It uses account locking, but this contains a logic flaw. To solve t...
Lab 6 - Authentication - Broken brute-force protection, IP block Lab Objective: This lab is vulnerable due to a logic flaw in its password brute-force protection. To solve the lab, brute-force ...
Lab 5 - Authentication - Username enumeration via response timing Lab Objective: This lab is vulnerable to username enumeration using its response times. To solve the lab, enumerate a valid use...
Lab 4 - Authentication - Username enumeration via subtly different responses Lab Objective: This lab is subtly vulnerable to username enumeration and password brute-force attacks. It has an acc...
Lab 3 - Authentication - Password reset broken logic Lab Objective: This lab’s password reset functionality is vulnerable. To solve the lab, reset Carlos’s password then log in and access his “...
Lab 2 - Authentication - 2FA bypass Lab Objective: This lab’s two-factor authentication can be bypassed. You have already obtained a valid username and password, but do not have access to the u...