The range
Challenges
Six labs spanning the most common vulnerability classes. Each one is a self-contained, sandboxed model — start with the live lab and the rest will open as the range is commissioned.
Live now
Coming soon
Memory Corruption● Live
Buffer Overflow
Write past the end of a fixed-size buffer and watch the bytes spill into adjacent memory, byte by byte.
Intro · 100 ptsOpen lab →
InjectionLocked
SQL Injection
Slip syntax into a query string and bend a database to return rows it was never meant to give up.
Easy · 150 ptsComing soon
Client-SideLocked
Cross-Site Scripting
Get the browser to run your script by smuggling it through unescaped, reflected input.
Easy · 150 ptsComing soon
Access ControlLocked
Path Traversal
Walk out of the intended directory with ../ and reach files the app meant to keep off-limits.
Medium · 200 ptsComing soon
AuthenticationLocked
Auth Bypass
Find the logic gap that lets a request reach a protected route without ever proving who it is.
Medium · 200 ptsComing soon
CryptographyLocked
Weak Hashing
See why an unsalted, fast hash folds quickly against a dictionary — and what should replace it.
Hard · 250 ptsComing soon