All Labs
Explore all available hands-on labs to practice identifying and fixing Salesforce security vulnerabilities.
Latest Labs
Misconfiguration Abuse in Apex Callout Proxy
Learn how dynamic Apex callout relays can become exploitable outbound proxies.
Start Lab →Unauthorized Outbound Access via Remote Site Settings Misconfiguration
Learn how overly dynamic endpoint selection can enable outbound callout abuse and data leakage.
Start Lab →Unauthorized Record Access via Inherited Sharing Call Chains
Learn how mixed sharing contexts create unexpected data access through inherited call paths.
Start Lab →Session Token Leakage in Outbound Messages
Understand how session tokens leak through outbound flows and how replay abuse happens.
Start Lab →Featured Labs
Insecure Secrets Management
Learn secure practices for managing API keys, passwords, and sensitive data.
Start Lab →Insecure PII Storage
Identify and remediate insecure storage of personally identifiable information.
Start Lab →Cross-site Request Forgery (CSRF)
Practice implementing CSRF protection in Salesforce applications.
Start Lab →Open Redirect
Learn to prevent open redirect vulnerabilities in Salesforce.
Start Lab →