J04nw1ck Online
Master
Live Ranking
#15
Best: #14
Total Points
738
Total Earned
Labs Completed
50
50 User • 13 Root
Modules
13
Validated
First Bloods
0
First to Complete
Best Streak
7
Days
Skills Acquired
Technical skills practiced through completed labs
MYSQLIRCEWeb EnumerationWeb SecurityAuthenticationPrivilege EscalationLinuxIDOR ExploitationZip Slip VulnerabilityServer-Side Template InjectionInternal Service DiscoveryBackup Service ExploitationSudo Vim ExploitationSQL InjectionAuthentication BypassSSHLinux Privilege EscalationFile PermissionsWeb Application SecuritySSTIFlask SecuritySSH Brute ForceDatabase EnumerationHash CrackingJWT ManipulationSSH ExploitationLog InjectionLinux SecurityCommand InjectionLinux CapabilitiesReverse ShellSystem EnumerationNetwork ReconnaissanceBrute ForceSudoPenetration TestingLocal File InclusionFile Upload BypassPHP SecurityDirectory TraversalWeb Shell ExploitationLog AnalysisHTMLBrowser DevToolsClient-Side SecuritySource Code AnalysisLearning PathFTPPassword CrackingJohn the RipperhashcatCryptographyWindows SecurityNTLMHashcatHash AnalysisOffice SecurityHash ExtractionFile DiscoveryReconnaissanceInformation GatheringGitVersion ControlPHPType JugglingSSRFURL ManipulationInternal Network AccessProtocol BypassHTTP ProtocolRequest SmugglingNetwork ForensicsTraffic AnalysisPacket AnalysisDatabase SecurityInput ValidationJavaScriptDeobfuscationCode AnalysisEmail ForensicsHeader AnalysisPhishing DetectionBase64 DecodingOSINTDigital InvestigationSteganographyClassical CiphersImage AnalysisPolyalphabetic CiphersPassword AnalysisSecurity ToolsJinja2 ExploitationRemote Code ExecutionSUID BinariesBinary ExploitationDNS AnalysisData ExfiltrationNoSQL InjectionMongoDBDocument DatabasesFrequency AnalysisPattern RecognitionLDAP InjectionDirectory ServicesEnterprise SecurityApache TomcatWAR DeploymentDefault CredentialsWeb ShellsGITGit ForensicsVersion Control SecurityRepository AnalysisSecret RecoveryWeb ExploitationService DiscoveryNetwork SecurityIncident ResponseCommand Line ToolsForensicsAttack DetectionSecurity AssessmentZIP Password CrackingfcrackzipDictionary AttacksArchive SecurityFTP ExploitationBackdoor DetectionNetwork ServicesRemote ShellSystem ExploitationIP SPOOFINGPath TraversalCGIFile AccessPDF SecurityDigital ForensicsDocument SecurityBrute Force AttacksVisibility ControlsAccess Control BypassSecurity TestingOperator ExploitationXSSCross-Site ScriptingStored XSSSession HijackingDOM ManipulationLFIWEBTELNETNetworkingCommand LineWeb ServicesWeb
Completed Modules
Educational modules successfully validated
Nmap Mastery: Dominate Network Scanning
4 modulesInstalling Nmap
Advanced Techniques
Introduction to Nmap
Essential Nmap Scanning
Password Cracking: Advanced Techniques for Security Assessment
1 modulesPDF Password Cracking and Document Security
Web Application Security: Exploitation and Defense
5 modulesCross-Site Request Forgery
Local and Remote File Inclusion
Server-Side Template Injection
Cross-Site Scripting
SQL Injection
Remote Code Execution (RCE)
3 modulesShellshock (CVE-2014-6271)
RCE: Introduction
RCE in PHP
Completed Labs & Challenges
Hands-on cybersecurity challenges successfully completed
Query Quake
Medium
MYSQLIRCE
Hidden CMS Breach
Medium
Web EnumerationWeb SecurityAuthenticationRCEPrivilege EscalationLinux
Broken Chain
Hard
IDOR ExploitationZip Slip VulnerabilityServer-Side Template InjectionInternal Service DiscoveryBackup Service ExploitationPrivilege EscalationSudo Vim Exploitation
Alpwned
Medium
SQL InjectionAuthentication BypassSSHLinux Privilege EscalationFile PermissionsWeb Application Security
FortiPy
Hard
Web Application SecuritySSTIFlask SecuritySSH Brute ForceDatabase EnumerationHash CrackingPrivilege Escalation
Infiltrator
Easy
JWT ManipulationSSH ExploitationLog InjectionPrivilege EscalationWeb SecurityLinux Security
Internal
Hard
Command InjectionLinux CapabilitiesPrivilege EscalationReverse ShellWeb Application SecuritySystem EnumerationNetwork Reconnaissance
Matsudo
Medium
SSHBrute ForcePrivilege EscalationLinuxSudoNetwork ReconnaissancePenetration Testing
FiPloit
Easy
Local File InclusionFile Upload BypassPHP SecurityDirectory TraversalWeb Shell ExploitationPrivilege EscalationLog Analysis
Secrets in Source 2
Very Easy
Web SecurityHTMLBrowser DevToolsClient-Side SecuritySource Code AnalysisLearning Path
Anonymous
Easy
FTP
Shadow Cracker
Challenge
Password CrackingLinux SecurityJohn the RipperhashcatCryptography
Windows Password Cracker
Challenge
Password CrackingWindows SecurityNTLMHashcatJohn the RipperHash Analysis
Office Password Cracker
Challenge
Password CrackingOffice SecurityHash ExtractionJohn the RipperHashcat
Backup Hunter
Challenge
Web EnumerationFile DiscoveryReconnaissanceInformation Gathering
Git Exposed
Challenge
GitVersion ControlSource Code AnalysisReconnaissanceWeb Security
Type Juggling Bypass
Challenge
Web SecurityPHPType JugglingAuthentication BypassHash Analysis
SSRF Validator
Challenge
SSRFWeb SecurityURL ManipulationInternal Network AccessProtocol Bypass
HTTP Smuggling
Challenge
HTTP ProtocolRequest SmugglingNetwork ForensicsTraffic AnalysisWeb SecurityPacket Analysis
SQL Injection Test
Challenge
SQL InjectionWeb SecurityDatabase SecurityAuthentication BypassInput ValidationPenetration Testing
Hack This Site
Challenge
JavaScriptDeobfuscationClient-Side SecurityBrowser DevToolsCode AnalysisAuthentication Bypass
Email Header Forensics
Challenge
Email ForensicsHeader AnalysisPhishing DetectionBase64 DecodingOSINTDigital Investigation
Vigenere Stego Hunt
Challenge
CryptographySteganographyClassical CiphersImage AnalysisPolyalphabetic Ciphers
Crack SHA1 Hash
Challenge
CryptographyHash CrackingPassword AnalysisSecurity Tools
Template Injector
Challenge
Server-Side Template InjectionFlask SecurityJinja2 ExploitationRemote Code ExecutionWeb Security
SUID Privilege Hunter
Challenge
SUID BinariesPrivilege EscalationCommand InjectionLinux SecurityBinary Exploitation
DNS Tunneling Detective
Challenge
Network ForensicsDNS AnalysisData ExfiltrationTraffic Analysis
MongoDB Injector
Challenge
NoSQL InjectionMongoDBAuthentication BypassDocument DatabasesWeb Security
Caesar Shift Decoder
Challenge
CryptographyClassical CiphersFrequency AnalysisPattern Recognition
LDAP Injector
Challenge
LDAP InjectionAuthentication BypassDirectory ServicesEnterprise SecurityWeb Security
Compromised 1
Medium
Apache TomcatWeb Application SecurityWAR DeploymentDefault CredentialsPrivilege EscalationLinuxSudoWeb Shells
Traversed
Medium
GIT
Git Secrets Hunter
Challenge
Git ForensicsVersion Control SecurityRepository AnalysisPenetration TestingSecret RecoveryOSINT
Auth Bypass
Challenge
SQL InjectionAuthentication BypassWeb SecurityDatabase Security
Ping Pwn
Challenge
Command InjectionWeb ExploitationService DiscoveryNetwork Security
Log Hunter
Challenge
Log AnalysisWeb SecurityIncident ResponsePattern RecognitionFile DiscoveryCommand Line ToolsForensicsHTTP ProtocolAttack DetectionSecurity Assessment
ZIP Cracker
Challenge
ZIP Password CrackingJohn the RipperfcrackzipDictionary AttacksBrute ForceArchive Security
Anonymous 2
Easy
FTP ExploitationBackdoor DetectionNetwork ServicesRemote ShellSystem Exploitation
Cronpocalypse
Easy
SSH
Spoof!
Easy
IP SPOOFING
Path Traversal
Challenge
Path TraversalCGIWeb SecurityFile AccessDirectory TraversalInput Validation
PDF Password Cracker
Challenge
PDF SecurityPassword CrackingDictionary AttacksDigital ForensicsDocument SecurityBrute Force Attacks
NoSQL Injection
Challenge
NoSQL InjectionMongoDBVisibility ControlsAccess Control BypassSecurity TestingOperator Exploitation
XSS Playground
Challenge
XSSCross-Site ScriptingStored XSSSession HijackingJavaScriptWeb SecurityClient-Side SecurityDOM Manipulation
Include me
Easy
PHPLFI
Hack the Cookie
Very Easy
WEBLearning Path
Nmap Lab 102
Very Easy
TELNETLearning Path
Onboarding Lab: Access and Flags
Very Easy
NetworkingReconnaissanceCommand LineWeb ServicesLearning Path
Secrets in Source
Very Easy
HTMLLearning Path
Hack the Login
Very Easy
WebAuthenticationClient-Side SecurityLearning Path
Courses Progress
Your learning paths and modules