iamwei
Grandmaster
Live Ranking
#14
Best: #4
Total Points
548
Total Earned
Labs Completed
63
65 User • 8 Root
Modules
23
Validated
First Bloods
14
First to Complete
Best Streak
2
Days
Skills Acquired
Technical skills practiced through completed labs
Email ForensicsHeader AnalysisPhishing DetectionBase64 DecodingOSINTDigital InvestigationRace ConditionsTiming AttacksConcurrent ExploitationWeb Application SecurityJavaScriptBrowser DevToolsDOM ManipulationClient-Side SecurityNetwork ForensicsDNS AnalysisData ExfiltrationTraffic AnalysisCryptographyClassical CiphersFrequency AnalysisPattern RecognitionCommand InjectionLinux CapabilitiesPrivilege EscalationReverse ShellSystem EnumerationNetwork ReconnaissanceWeb SecurityHTTP HeadersIP SpoofingAccess Control BypassInformation GatheringWireless SecurityWEP CrackingRC4 AnalysisPacket AnalysisCryptographic AttacksLegacy Protocol ExploitationDigital ForensicsWindows RegistryPersistence AnalysisIncident ResponseMalware AnalysisCryptanalysisClassical CryptoData EncodingSession ManagementAuthenticationPHPMemory ForensicsBinary AnalysisTool UsageData RecoveryROT13 EncodingAPI SecurityWeb HackingLogic FlawsToken ManipulationBase64 EncodingAuthorization BypassMD5 CrackingSource Code AnalysisPassword AttacksAuthentication BypassGit ForensicsVersion Control SecurityRepository AnalysisPenetration TestingSecret RecoveryBase64Web InspectionHTML AnalysisNetwork AnalysisPacket CaptureWiresharkProtocol AnalysisSteganographyImage AnalysisWebCTF BasicsShell CommandsSystem AdministrationHTTP Parameter ManipulationSecurity AssessmentServer-Side Template InjectionJinja2Flask SecurityWeb Application TestingCode InjectionPDF SecurityPassword CrackingDictionary AttacksDocument SecurityBrute Force AttacksXSSCross-Site ScriptingStored XSSSession HijackingLocal File InclusionUser-Agent Log PoisoningRemote Code ExecutionDirectory TraversalApache SecurityLog AnalysisNoSQL InjectionMongoDBVisibility ControlsSecurity TestingOperator ExploitationSSRFServer-Side Request ForgeryAWS MetadataCloud SecurityIAM CredentialsNetwork SecurityAWS EC2SQL InjectionDatabase SecurityBlind SQLiTime-based SQLiBoolean-based SQLiDatabase EnumerationVulnerability AssessmentXXEXML SecurityFile DisclosureExternal EntityJWTToken AuthenticationWeb ExploitationService DiscoveryFile DiscoveryCommand Line ToolsForensicsHTTP ProtocolAttack DetectionPath TraversalCGIFile AccessInput ValidationFlaskDebug ModePythonMemory AnalysisTransposition CipherRail FenceAudio AnalysisLSBPDF ForensicsFile AnalysisMetadataHidden DataForensic ToolsBlockchain AnalysisBitcoinOP_RETURNHex DecodingData ExtractionForensic AnalysisLFIPath ManipulationFile InclusionDNSJenkinsCI/CDDevOpsPentestAutomationDatabase ForensicsCLI UsageHex EncodingRedisQR Code AnalysisHex EditorsData StructuresReverse EngineeringMD5Rainbow TablesWeb DevelopmentHexadecimalSSHNetworkingReconnaissanceCommand LineWeb ServicesLearning PathWEBJSTELNETWPAdvanced ReconnaissanceAndroid Reverse EngineeringSCADA ExploitationCVE ExploitationGITBrute ForceLinuxSudoApache TomcatWAR DeploymentDefault CredentialsWeb ShellsFTP ExploitationBackdoor DetectionNetwork ServicesRemote ShellSystem ExploitationIP SPOOFINGRCEFTPHTML
Completed Modules
Educational modules successfully validated
Nmap Mastery: Dominate Network Scanning
4 modulesInstalling Nmap
Advanced Techniques
Introduction to Nmap
Essential Nmap Scanning
HTTP Header Manipulation: IP Spoofing
3 modulesRemediate
Techniques for IP Spoofing in HTTP Headers
Manipulating Headers
HDNA Ethical Hacking Course
5 modules1. Legal & Compliance
2. Network Protocols and Security
4. Network Scanning
3. Reconnaissance
Course Summary
Web Application Security: Exploitation and Defense
5 modulesCross-Site Request Forgery
Server-Side Request Forgery
Course Introduction
Cross-Site Scripting
SQL Injection
JWT Ethical Hacking: Token Takeover Tactics
3 modulesIntroduction to JWT Tokens
Secret Key Brute Forcing
Algorithm Confusion Exploits
Remote Code Execution (RCE)
3 modulesShellshock (CVE-2014-6271)
RCE: Introduction
RCE in PHP
Completed Labs & Challenges
Hands-on cybersecurity challenges successfully completed
Email Header Forensics
Challenge
Email ForensicsHeader AnalysisPhishing DetectionBase64 DecodingOSINTDigital Investigation
Race Condition Hunter
Challenge
Race ConditionsTiming AttacksConcurrent ExploitationWeb Application Security
Button Activator
Challenge
JavaScriptBrowser DevToolsDOM ManipulationClient-Side Security
DNS Tunneling Detective
Challenge
Network ForensicsDNS AnalysisData ExfiltrationTraffic Analysis
Caesar Shift Decoder
Challenge
CryptographyClassical CiphersFrequency AnalysisPattern Recognition
Internal
Hard
Command InjectionLinux CapabilitiesPrivilege EscalationReverse ShellWeb Application SecuritySystem EnumerationNetwork Reconnaissance
IP Spoofing Admin
Challenge
Web SecurityHTTP HeadersIP SpoofingAccess Control BypassInformation Gathering
WEP Cracker
Challenge
Wireless SecurityWEP CrackingRC4 AnalysisPacket AnalysisCryptographic AttacksLegacy Protocol Exploitation
Registry Hunter
Challenge
Digital ForensicsWindows RegistryPersistence AnalysisBase64 DecodingIncident ResponseMalware Analysis
Crypto Cipher
Challenge
CryptanalysisClassical CryptoPattern RecognitionData Encoding
Session Switch
Challenge
Web SecuritySession ManagementAuthenticationPrivilege EscalationPHP
Memory Forensics
Challenge
Memory ForensicsBinary AnalysisDigital ForensicsPattern RecognitionIncident ResponseTool UsageData RecoveryROT13 Encoding
API Breaker
Challenge
API SecurityWeb HackingLogic FlawsPrivilege EscalationToken ManipulationBase64 EncodingAuthorization Bypass
Admin Portal Breach
Challenge
Client-Side SecurityMD5 CrackingSource Code AnalysisWeb Application SecurityPassword AttacksAuthentication Bypass
Git Secrets Hunter
Challenge
Git ForensicsVersion Control SecurityRepository AnalysisPenetration TestingSecret RecoveryOSINT
Base64 Detective
Challenge
Base64Web InspectionBrowser DevToolsData EncodingHTML Analysis
Packet Pursuit
Challenge
Network AnalysisPacket CaptureWiresharkProtocol Analysis
Stego Hunt
Challenge
SteganographyImage AnalysisWebCTF Basics
Shell Command Scanner
Challenge
Command InjectionWeb SecurityShell CommandsSystem AdministrationHTTP Parameter ManipulationSecurity Assessment
Template Injection
Challenge
Server-Side Template InjectionJinja2Flask SecurityWeb Application TestingCode InjectionPrivilege Escalation
PDF Password Cracker
Challenge
PDF SecurityPassword CrackingDictionary AttacksDigital ForensicsDocument SecurityBrute Force Attacks
XSS Playground
Challenge
XSSCross-Site ScriptingStored XSSSession HijackingJavaScriptWeb SecurityClient-Side SecurityDOM Manipulation
LFI Log Poison
Challenge
Local File InclusionUser-Agent Log PoisoningRemote Code ExecutionDirectory TraversalWeb SecurityApache SecuritySystem AdministrationLog Analysis
NoSQL Injection
Challenge
NoSQL InjectionMongoDBVisibility ControlsAccess Control BypassSecurity TestingOperator Exploitation
URL Scanner
Challenge
SSRFServer-Side Request ForgeryAWS MetadataCloud SecurityIAM CredentialsNetwork SecurityWeb SecurityAWS EC2
SQL Injection
Challenge
SQL InjectionDatabase SecurityWeb SecurityBlind SQLiTime-based SQLiBoolean-based SQLiDatabase EnumerationVulnerability Assessment
XXE Exposed
Challenge
XXEXML SecurityFile DisclosureExternal EntityWeb SecurityVulnerability Assessment
JWT Bypass
Challenge
JWTWeb SecurityToken AuthenticationCryptography
Auth Bypass
Challenge
SQL InjectionAuthentication BypassWeb SecurityDatabase Security
Ping Pwn
Challenge
Command InjectionWeb ExploitationService DiscoveryNetwork Security
Log Hunter
Challenge
Log AnalysisWeb SecurityIncident ResponsePattern RecognitionFile DiscoveryCommand Line ToolsForensicsHTTP ProtocolAttack DetectionSecurity Assessment
Path Traversal
Challenge
Path TraversalCGIWeb SecurityFile AccessDirectory TraversalInput Validation
Flask Error
Challenge
FlaskDebug ModePythonWeb SecurityMemory Analysis
Rail Fence
Challenge
CryptographyTransposition CipherRail FencePattern RecognitionPython
Sonic Cipher
Challenge
SteganographyAudio AnalysisLSBForensicsPython
Pixel Puzzler
Challenge
SteganographyImage AnalysisLSBForensicsPython
PDF Trap
Challenge
PDF ForensicsFile AnalysisMetadataHidden DataForensic Tools
Blockchain Secrets
Challenge
Blockchain AnalysisBitcoinOP_RETURNHex DecodingData ExtractionForensic Analysis
Corporate Breach 2
Challenge
Web SecurityPHPLFIPath ManipulationFile Inclusion
Corporate Breach
Challenge
Web SecurityPHPLFIPassword CrackingAuthentication BypassDirectory Traversal
DNS Exfil
Challenge
Network AnalysisDNSPacket AnalysisData ExfiltrationBase64 Decoding
Snapchat Exposed
Challenge
JenkinsCI/CDDevOpsWeb SecurityPentestAutomation
Red is Dead
Challenge
Network ReconnaissanceService DiscoveryDatabase ForensicsData EncodingCLI UsageData RecoveryIncident ResponseBase64Hex EncodingRedis
QR Code Quest
Challenge
QR Code AnalysisImage AnalysisData ExtractionSteganographyDigital Forensics
Binary Secrets
Challenge
Binary AnalysisHex EditorsData StructuresReverse EngineeringFile Analysis
Get the Password
Challenge
JavaScriptMD5Rainbow TablesWeb DevelopmentBrowser DevTools
Hex Hunt
Challenge
JavaScriptWeb DevelopmentHexadecimalBrowser DevTools
Cronpocalypse
Easy
SSH
Learning Lab 101
Very Easy
NetworkingReconnaissanceCommand LineWeb ServicesLearning Path
Hack the Cookie
Very Easy
WEBLearning Path
Hack the Login
Very Easy
JSLearning Path
Nmap Lab 102
Very Easy
TELNETLearning Path
WP Ultimate
Hard
WP
Compromised 2
Hard
Advanced ReconnaissanceAndroid Reverse EngineeringSCADA ExploitationCVE ExploitationAuthentication BypassPrivilege Escalation
Traversed
Medium
GIT
Matsudo
Medium
SSHBrute ForcePrivilege EscalationLinuxSudoNetwork ReconnaissancePenetration Testing
Compromised 1
Medium
Apache TomcatWeb Application SecurityWAR DeploymentDefault CredentialsPrivilege EscalationLinuxSudoWeb Shells
Anonymous 2
Easy
FTP ExploitationBackdoor DetectionNetwork ServicesRemote ShellSystem Exploitation
Spoof!
Easy
IP SPOOFING
Beyond Echo
Medium
PHPRCE
Anonymous
Easy
FTP
Include me
Easy
PHPLFI
Secrets in Source
Very Easy
HTMLLearning Path
Courses Progress
Your learning paths and modules