All Labs
Explore all available hands-on labs to practice identifying and fixing Salesforce security vulnerabilities.
Latest Labs
MCP Remote Server Security Misconfigurations
Learn to pentest remote MCP endpoints for auth, transport, session, and misconfiguration risks.
Start Lab →Insecure Use of High Privilege Methods
Understand how privileged method misuse can lead to escalation and unauthorized actions.
Start Lab →Cross-site Scripting (XSS)
Learn to identify and prevent XSS vulnerabilities in Salesforce applications.
Start Lab →SOQL Injection
Practice detecting and fixing SOQL injection vulnerabilities in Apex code.
Start Lab →CRUD/FLS
Master CRUD and Field-Level Security enforcement in Salesforce.
Start Lab →Sharing Violation
Understand and fix sharing rule violations and data access issues.
Start Lab →Featured Labs
Insecure Secrets Management
Learn secure practices for managing API keys, passwords, and sensitive data.
Start Lab →Insecure PII Storage
Identify and remediate insecure storage of personally identifiable information.
Start Lab →Cross-site Request Forgery (CSRF)
Practice implementing CSRF protection in Salesforce applications.
Start Lab →Open Redirect
Learn to prevent open redirect vulnerabilities in Salesforce.
Start Lab →