Hard
OrbitDesk
Password reset token forgery -> GraphQL object authorization bug -> documents key leak -> signed link path traversal -> JWT forgery -> SSRF into internal ops -> diagnostics comm…
What you’ll practice in OrbitDesk
OrbitDesk is a realistic web hacking lab you can run locally in a controlled environment. You’ll practice mapping attack surface, testing authentication and authorization boundaries, and chaining weaknesses into impact — without spoilers.
- Difficulty: Hard
- Format: Local-first lab environment (recommended: Docker)
- Focus areas: Web exploitation fundamentals