About Security Labs Community Edition
Veracode Security Labs Community Edition is a free, lightweight version of Security Labs designed for individuals.
While the Enterprise Edition of Veracode Security Labs is geared toward professional development teams, the Community Edition offers selected topics and one-off labs for individuals who are looking to strengthen their security knowledge. The Community Edition is intended to help individuals to improve their secure coding skills. It lets you work with real applications, applying the latest tactics and security best practices with guidance, while exploring actual code on your own time.
To use the Community Edition, go to Security Labs Community Edition and create an account. Then, use the verification email you receive from Veracode to activate it.
You can use this interactive catalog to browse the current Community Edition courses. For the latest updates on these courses, see Training updates.
Basic Terminal Usage
Shell commands to navigate around directories and modify files. Common encoding patterns, cryptographic techniques, and command line tools.
Intro to Bash 1
Shell commands to navigate around directories and modify files.
Intro to Bash 2
Navigate files and folders more efficiently, and search for file contents.
Intro to Bash 3
Preview the contents of files; create new folders and move files around.
Encrypting, encoding and hashing
Common encoding patterns, cryptographic techniques, and command line tools.
Nano for text editing
Use Nano, a basic text editor, for creating and editing files.
Intro to bash scripting
Automate tasks by writing and running basic scripts in bash.
Common React Pitfalls
Vulnerabilities frequently encountered in ReactJS application development.
React string sanitization
Cause XSS through improper sanitization and poor variable handoff with React.
Sneaky links
Learn about a feature of HTML that can leave your React app open to XSS.
Dangerously set HTML links
React's dangerouslySetInnerHtml and markdown rendering craft a malicious href.
Juice Shop
A very vulnerable MEAN web app full of practice challenges.
Hidden Pages (Challenge)
Find carefully hidden pages.
Confidential Documents (Challenge)
Access unprotected confidential documents.
XSS Levels (Challenge)
Reflected and persistent XSS attacks of increasing difficulty.
Error Handling (Challenge)
Provoke an error that is not very gracefully handled.
Login Bypass (Challenge)
Log in with other users' accounts via SQL injection.
Credentials Dump (Challenge)
Retrieve a list of all user credentials via SQL injection.
Account Hijack (Challenge)
Access and modify another user's shopping cart.
Open Redirects (Challenge)
Redirect from the Juice Shop to external untrusted sites.
File Uploads (Challenge)
Improper input validation in user file uploads.