The Guess Me lab is designed to explore a vulnerability in the loading of pages within a WebView in an Android application, which can lead to Remote Code Execution (RCE).

The Flipcoin Wallet lab aims to explore a vulnerability known as SQL Injection (SQLi) within an iOS application to demonstrate how sensitive data, such as recovery phrases, can be compromised.

The Food Store lab aims to explore a SQL Injection (SQLi) vulnerability in order to elevate our privileges within an Android application.

The Config Editor lab aims to achieve remote code execution (RCE) by exploiting a vulnerability in a third-party library.

The Document Viewer lab aims to achieve remote code execution (RCE) from a document viewing application by exploiting a combination of a path traversal vulnerability with dynamic code loading and execution.