Skip to main content
Back to Labs
Hackviser Labs

Web Application Security

Injection, authentication, access control, upload, and client-side web security labs.

40 labs12 topics

Labs

Browse the labs in this category and open the one you want to practice.

Command Injection

Basic Command Injection

3 Points
FreeView lab
Command Injection

Command Injection Filter Bypass

3 Points
FreeView lab
Command Injection

Command Injection Improved Filter Bypass

3 Points
VIPView lab
Command Injection

Command Injection in Perl-Based Stock Control System

3 Points
VIPView lab
Command Injection

Command Injection via User-Agent Log Entries

4 Points
VIPView lab
File Inclusion

Basic Local File Inclusion

3 Points
FreeView lab
File Inclusion

Local File Inclusion Filter Bypass

3 Points
FreeView lab
File Inclusion

Basic Remote File Inclusion

3 Points
FreeView lab
SQL Injection

Union-Based SQL Injection

3 Points
FreeView lab
SQL Injection

Boolean-Based Blind SQL Injection

3 Points
FreeView lab
SQL Injection

Time-Based Blind SQL Injection

3 Points
VIPView lab
SQL Injection

Error-Based SQL Injection

3 Points
VIPView lab
Unrestricted File Upload

Basic Unrestricted File Upload

2 Points
FreeView lab
Unrestricted File Upload

MIME Type Filter Bypass

3 Points
FreeView lab
Unrestricted File Upload

File Signature Filter Bypass

3 Points
FreeView lab
Unrestricted File Upload

File Extension Filter Bypass

3 Points
FreeView lab
Unrestricted File Upload

File Extension Improved Filter Bypass

3 Points
VIPView lab
Authentication

Execution After Redirect (EAR)

3 Points
FreeView lab
Cross-Site Scripting

Reflected XSS via HTML Attribute Manipulation

2 Points
VIPView lab
Cross-Site Scripting

Stored XSS in Anchor Href Attribute HTML-Encoded

2 Points
VIPView lab
Cross-Site Scripting

Manipulating Images with the HTML Href Attribute

2 Points
VIPView lab
Cross-Site Scripting

Stored XSS via User Agent

2 Points
VIPView lab
Cross-Site Scripting

Stored XSS Vulnerability via Image Upload-Induced

2 Points
VIPView lab