diff --git a/.gitignore b/.gitignore
index bfb842bbb..f08dbb7f1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -2,6 +2,7 @@
 *.pyc
 env
 pygoat/db.sqlite3
+venv
 *.sqlite3
 *db.sqlite3
 */app.log
diff --git a/pygoat/db.sqlite3 b/pygoat/db.sqlite3
index 5104abc20..61d823227 100644
Binary files a/pygoat/db.sqlite3 and b/pygoat/db.sqlite3 differ
diff --git a/pygoat/introduction/__pycache__/views.cpython-38.pyc b/pygoat/introduction/__pycache__/views.cpython-38.pyc
index 044825e69..af70d8933 100644
Binary files a/pygoat/introduction/__pycache__/views.cpython-38.pyc and b/pygoat/introduction/__pycache__/views.cpython-38.pyc differ
diff --git a/pygoat/introduction/mitre.py b/pygoat/introduction/mitre.py
index dfc0d4821..419bfb8c9 100644
--- a/pygoat/introduction/mitre.py
+++ b/pygoat/introduction/mitre.py
@@ -4,6 +4,8 @@
 from hashlib import md5
 import jwt
 import datetime
+import re
+import subprocess
 from .models import CSRF_user_tbl
 from django.views.decorators.csrf import csrf_exempt
 # import os
@@ -218,4 +220,25 @@ def mitre_lab_25_api(request):
 
 @authentication_decorator
 def mitre_lab_25(request):
-    return render(request, 'mitre/mitre_lab_25.html')
\ No newline at end of file
+    return render(request, 'mitre/mitre_lab_25.html')
+
+@authentication_decorator
+def mitre_lab_17(request):
+    return render(request, 'mitre/mitre_lab_17.html')
+
+def command_out(command):
+    process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    return process.communicate()
+    
+
+@csrf_exempt
+def mitre_lab_17_api(request):
+    if request.method == "POST":
+        ip = request.POST.get('ip')
+        command = "nmap " + ip 
+        res, err = command_out(command)
+        res = res.decode()
+        err = err.decode()
+        pattern = "STATE SERVICE.*\\n\\n"
+        ports = re.findall(pattern, res,re.DOTALL)[0][14:-2].split('\n')
+        return JsonResponse({'raw_res': str(res), 'raw_err': str(err), 'ports': ports})
\ No newline at end of file
diff --git a/pygoat/introduction/templates/mitre/mitre_lab_17.html b/pygoat/introduction/templates/mitre/mitre_lab_17.html
new file mode 100644
index 000000000..733d6c34e
--- /dev/null
+++ b/pygoat/introduction/templates/mitre/mitre_lab_17.html
@@ -0,0 +1,51 @@
+{% extends "introduction/base.html" %}
+{% load static %}
+{% block content %}
+{% block title %}
+<title> Code Injection </title>
+{% endblock %}
+<div class="jumbotron">
+    <h4 style="text-align:center"> PORT SCANNING SERVICE </h4>
+    <div class="login" style="display: flex;justify-content: center;flex-direction: column;">
+        <div>
+            <input type="textarea" id="input" style="width: 400px;height: 50px;">
+            <button id="btn" style="width: 100px;height: 50px;" onclick="apicall()"> SCAN </button>
+        </div><br>
+        <div id="output" style="width: 40%; border: 2px solid #777; border-radius: 5px; padding: 7px;">
+            output<br>
+        </div>
+    </div>
+    <div style= "position : fixed ; right : 7px; bottom : 7px"> <button class="btn btn-info" type="button" onclick="window.location.href='/mitre/17'">Back to Lab
+        Details</button></div>
+    
+    <script>
+        var ports = [];
+        function apicall(){
+            var input = document.getElementById("input").value;
+            var output = document.getElementById("output");
+            var headers = new Headers();
+            var formdata = new FormData();
+            formdata.append("ip", input);
+            var requestOption = {
+                method: "POST",
+                body: formdata,
+                redirect: "follow",
+                headers: headers
+            };
+            output.innerHTML = "";
+            fetch("/mitre/17/lab/api",requestOption)
+                .then(response => response.text())
+                .then(result => {
+                    var data = JSON.parse(result);
+                    ports = data.ports;
+                    for (p in data.ports){
+                        output.innerHTML += "<span>" + ports[p] + "</span><br>";}
+                })
+                .catch(
+                    error => {console.log("error", error);
+                    output.innerHTML = "error";}
+                    );
+        }
+
+    </script>
+{% endblock %}
\ No newline at end of file
diff --git a/pygoat/introduction/templates/mitre/mitre_lab_25.html b/pygoat/introduction/templates/mitre/mitre_lab_25.html
index b4bb5ddd5..39e7350b7 100644
--- a/pygoat/introduction/templates/mitre/mitre_lab_25.html
+++ b/pygoat/introduction/templates/mitre/mitre_lab_25.html
@@ -6,7 +6,7 @@
 {% endblock %}
     <div class="jumbotron">
         <h4 style="text-align:center"> Calculator </h4>
-        <div class="login" style="display: flex;justify-content: center;flex-direction: column;}">
+        <div class="login" style="display: flex;justify-content: center;flex-direction: column;">
             <div>
                 <input type="textarea" id="input" style="width: 400px;height: 50px;">
                 <button id="btn" style="width: 100px;height: 50px;" onclick="calculate()"> Calculate </button>
diff --git a/pygoat/introduction/templates/mitre/mitre_top17.html b/pygoat/introduction/templates/mitre/mitre_top17.html
index 8108e7f88..1e6d31bd0 100644
--- a/pygoat/introduction/templates/mitre/mitre_top17.html
+++ b/pygoat/introduction/templates/mitre/mitre_top17.html
@@ -19,6 +19,15 @@ <h2 style="font-size:2.7rem">CWE-77: <span>Command Injection</span></h2>
         </ul>
         Many protocols and products have their own custom command language. While OS or shell command strings are frequently discovered and targeted, developers may not realize that these other command languages might also be vulnerable to attacks.
         Command injection is a common problem with wrapper programs.
+    </div><br>
+    <button class="coll btn btn-info">Lab 1 Details</button>
+    <div class="lab">
+        <p class="bp">
+        This is a web utility for scanning IP address for open ports.<br> 
+        Can you use this utility for something other than scanning ports?
+        <br>
+        <div align="right"> <button class="btn btn-info" type="button" onclick="window.location.href='/mitre/17/lab '">Access
+            Lab</button></div>
     </div>
 
 {% endblock %}
\ No newline at end of file
diff --git a/pygoat/introduction/templates/mitre/mitre_top21.html b/pygoat/introduction/templates/mitre/mitre_top21.html
index af65c455d..1e8746427 100644
--- a/pygoat/introduction/templates/mitre/mitre_top21.html
+++ b/pygoat/introduction/templates/mitre/mitre_top21.html
@@ -21,5 +21,33 @@ <h2 style="font-size: 2.7rem">
   internal networks, use other URLs such as that can access documents on the
   system (using file://), or use other protocols such as gopher:// or tftp://,
   which may provide greater control over the contents of requests.
+</div><br><br>
+<button class="coll btn btn-info">Lab 1 Details</button>
+<div class="lab">
+    <p class="bp">
+    This lab helps you to get an idea of how SSRF can result in major Security flaw.
+
+    The next pages shows some blog, but can you figure out how the blogs are presented?
+    
+    <br>
+    <div align="right"> <button class="btn btn-info" type="button" onclick="window.location.href='/ssrf_lab'">Access
+        Lab</button></div>
+</div>
+<button class="coll btn btn-info">Lab 2 Details</button>
+<div class="lab">
+    <p class="bp">
+      This website sends a request to the given url and displays the page withing the page.
+      now there is a page at <a href="/ssrf_target">/ssrf_target</a> which only allowes request from localhost ( ie 127.0.0.1 )
+      <br>
+      now start the server using <code>python manage.py runserver 0:8000</code><br>
+      get your network ip using <code>ifconfig</code> or <code>ipcofig</code>(in windows) <br>
+      now go to http://[your ip]/ssrf_target
+      <br>
+      Now you can't access the page because it is not from localhost.
+      Try to get access to this page content now using the utility.
+    </p>
+    <br>
+    <div align="right"> <button class="btn btn-info" type="button" onclick="window.location.href='/ssrf_lab2'">Access
+        Lab</button></div>
 </div>
 {% endblock %}
diff --git a/pygoat/introduction/urls.py b/pygoat/introduction/urls.py
index afd1418df..8a89d2df8 100644
--- a/pygoat/introduction/urls.py
+++ b/pygoat/introduction/urls.py
@@ -114,4 +114,6 @@
     path("mitre/9/lab/api/<str:recipent>/<int:amount>",mitre.csrf_transfer_monei_api,name="csrf_lab_login_api"),
     path("mitre/25/lab/api", mitre.mitre_lab_25_api, name="mitre_lab_25_api"),
     path("mitre/25/lab", mitre.mitre_lab_25, name="mitre_lab_25"),
+    path("mitre/17/lab", mitre.mitre_lab_17, name="mitre_lab_17"),
+    path("mitre/17/lab/api",mitre.mitre_lab_17_api,name="mitre_lab_17_api"),
 ]