skalvin

✦ Legend ✦

¯\_(ツ)_/¯ Mess with the best, die like the rest

#5 Live Ranking

16084 Total XP

123 Labs Completed 1 First Bloods 3 Streak 27 Best

+10 this week +800 this month

Activity

209 active days in the last year

Less More

Rank Progress

✦ Legend ✦

Max Rank

Achievements

First Blood

Streak Starter

Streak Master

Lab Rat

Lab Expert

Lab Master

Scholar

Top 10

Web Application SecurityMass AssignmentCommand InjectionHash CrackingPassword ReuseLinux Privilege EscalationLinux CapabilitiesPenetration TestingHost Header InjectionPassword Reset PoisoningPrivilege EscalationHTTP HeadersWeb ExploitationHeadless CMSAPI EnumerationInformation DisclosureRevision HistoryToken AbusePythonPickle DeserializationRCELinuxIDORAPI SecurityPath TraversalAccess ControlOAuth 2.0JWTWeb ReconConfiguration ExploitsUnicodeSteganographyWeb ForensicsText AnalysisCSSMedia QueriesSource AnalysisDevToolsCommand LineFile System NavigationHidden FilesgrepfindAdvanced ReconnaissanceAndroid Reverse EngineeringSCADA ExploitationCVE ExploitationAuthentication BypassJavaScriptWeb DevelopmentHexadecimalBrowser DevToolsImage AnalysisWebCTF BasicsNetwork AnalysisPacket CaptureWiresharkProtocol AnalysisBinary AnalysisHex EditorsData StructuresReverse EngineeringFile AnalysisWeb HackingLogic FlawsToken ManipulationBase64 EncodingAuthorization BypassMemory ForensicsDigital ForensicsPattern RecognitionIncident ResponseTool UsageData RecoveryROT13 EncodingWeb SecuritySession ManagementAuthenticationPHPFile UploadBypass TechniquesWeb ShellsInput ValidationSocial EngineeringPost ExploitationAudio AnalysisLSBForensicsKeePass 4.x SecurityDirect Brute ForcePassword Manager AssessmentModern CryptographySecurity Tool LimitationsAlgorithm ConfusionRS256HS256Token ForgeryLogic FlawParameter ManipulationMD5Rainbow TablesDirectory FuzzingX-Forwarded-For SpoofingBruteforceffufNewline InjectionLinux EnumerationSUID ExploitationBuffer OverflowARM64 ROPStatic Binary AnalysisBinary ExploitationpwntoolsropperGDBWeb EnumerationWPClient-Side SecuritySecurity Through ObscurityView SourceBroken Access ControlHTMLIDOR ExploitationZip Slip VulnerabilityServer-Side Template InjectionInternal Service DiscoveryBackup Service ExploitationSudo Vim ExploitationPassword CrackingLinux SecurityJohn the RipperhashcatCryptographySSHWindows SecurityNTLMHashcatHash AnalysisOffice SecurityHash ExtractionSQL InjectionRegex BypassSQLiteUNION-Based SQLiGitVersion ControlSource Code AnalysisReconnaissanceFile DiscoveryInformation GatheringType JugglingPassword AnalysisSecurity ToolsDatabase SecurityDeobfuscationCode AnalysisHTTP ProtocolRequest SmugglingNetwork ForensicsTraffic AnalysisPacket AnalysisEmail ForensicsHeader AnalysisPhishing DetectionBase64 DecodingOSINTDigital InvestigationSSRFURL ManipulationInternal Network AccessProtocol BypassSSTIFlask SecuritySSH Brute ForceDatabase EnumerationClassical CiphersPolyalphabetic CiphersDirectory TraversalPath InjectionFile System SecurityPath ManipulationFile AccessYAML DeserializationPyYAML ExploitationConfiguration InjectionPython SecurityUnsafe DeserializationRemote Code ExecutionFile Processing SecurityWebDAV ExploitationRemote File AccessHTTP MethodsWeb Server SecurityFile System EnumerationPrototype PollutionNode.js SecurityJavaScript ExploitationObject ManipulationInput Validation BypassModern Web VulnerabilitiesRace ConditionsTiming AttacksConcurrent ExploitationSecurity BypassClient-Side ManipulationDirectory EnumerationWeb ReconnaissanceAdministrative Panel DiscoverySecurity AssessmentLocal File InclusionFilter BypassApache AuthenticationCookie ManipulationDOM ManipulationFilter EvasionGraphQLSchema IntrospectionInjectionDNS AnalysisData ExfiltrationFrequency AnalysisDocker Registry APIContainer SecurityAPI ManipulationRegistry ExploitationSUID BinariesNoSQL InjectionMongoDBDocument DatabasesCRLF InjectionRedis Command InjectionCache PoisoningProtocol ManipulationLDAP InjectionDirectory ServicesEnterprise SecurityJWT ManipulationSSH ExploitationLog InjectionPython PickleEnterprise DeserializationCorporate Backup SystemsDisaster Recovery ExploitationConfiguration Import AttacksIP SpoofingAccess Control BypassJinja2 ExploitationWiFi SecurityWPA CrackingDictionary AttacksWireless Penetration TestingNetwork SecurityWireless SecurityWEP CrackingRC4 AnalysisCryptographic AttacksLegacy Protocol ExploitationWindows RegistryPersistence AnalysisMalware AnalysisHistorical CryptanalysisMD5 CrackingPassword AttacksGit ForensicsVersion Control SecurityRepository AnalysisSecret RecoveryZIP Password CrackingfcrackzipBrute ForceArchive SecurityJinja2Web Application TestingCode InjectionPDF SecurityDocument SecurityBrute Force AttacksShell CommandsSystem AdministrationHTTP Parameter ManipulationUser-Agent Log PoisoningApache SecurityLog AnalysisVisibility ControlsSecurity TestingOperator ExploitationReverse ShellSystem EnumerationNetwork ReconnaissanceServer-Side Request ForgeryAWS MetadataCloud SecurityIAM CredentialsAWS EC2File PermissionsCSRFCross-Site Request ForgerySession SecurityForm SecurityHTTP SecurityState ManagementXSSCross-Site ScriptingStored XSSSession HijackingCGIClaims ManipulationTime-Based AttacksSignature CrackingBlind SQLiTime-based SQLiBoolean-based SQLiVulnerability AssessmentXXEXML SecurityFile DisclosureExternal EntityToken AuthenticationService DiscoveryCommand Line ToolsAttack DetectionFlaskDebug ModeMemory AnalysisTransposition CipherRail FencePDF ForensicsMetadataHidden DataForensic ToolsBlockchain AnalysisBitcoinOP_RETURNHex DecodingData ExtractionForensic AnalysisLFIFile InclusionDNSCryptanalysisClassical CryptoData EncodingJenkinsCI/CDDevOpsPentestAutomationDatabase ForensicsCLI UsageBase64Hex EncodingRedisQR Code AnalysisMYSQLIWeb InspectionHTML AnalysisWEBFile Upload BypassPHP SecurityWeb Shell ExploitationApache TomcatWAR DeploymentDefault CredentialsSudoGITView Source CodeNmapNmap CommandsTelnetPort ScanningFTP ExploitationBackdoor DetectionNetwork ServicesRemote ShellSystem ExploitationFTPCapture The FlagCTFFlag SubmissionUUIDGetting StartedCyber Security FundamentalsIP SPOOFINGCookie PoisoningSession TamperingBroken AuthenticationDeveloper ToolsLearning Path

Pwnify - Web Application Penetration Testing Hard

700 XP Jun 07, 2026

Host Hijack Medium

400 XP Apr 24, 2026

Mythos Leak - Headless CMS Draft Exposure Medium

400 XP Apr 24, 2026

Pickle Jar Medium

400 XP Apr 23, 2026

ClearDesk Medium

400 XP Apr 23, 2026

Token Trust Challenge

50 XP Feb 20, 2026

Phantom Text Challenge

50 XP Feb 12, 2026

Fine Print Challenge

50 XP Feb 10, 2026

Linux Fundamentals Practice Challenge

50 XP Jan 04, 2026

Compromised 2 Hard

700 XP Dec 31, 2025

Hex Hunt Challenge

50 XP Dec 31, 2025

Stego Hunt Challenge

50 XP Dec 31, 2025

Packet Pursuit Challenge

50 XP Dec 31, 2025

Binary Secrets Challenge

50 XP Dec 31, 2025

API Breaker Challenge

50 XP Dec 31, 2025

Memory Forensics Challenge

50 XP Dec 31, 2025

Session Switch Challenge

50 XP Dec 31, 2025

File Upload Bypass Challenge

50 XP Dec 31, 2025

Sonic Cipher Challenge

50 XP Dec 31, 2025

KeePass Breaker Challenge

50 XP Dec 31, 2025

JWT Algo Confusion Challenge

50 XP Dec 31, 2025

API Logic Flaw Challenge

50 XP Dec 31, 2025

Get the Password Challenge

50 XP Dec 31, 2025

Hack the Box Hard

700 XP Dec 16, 2025

Hidden CMS Breach Medium

400 XP Dec 02, 2025

WP Ultimate Hard

700 XP Nov 17, 2025

Secrets in Source 2: Bypass Security Through Obscurity Very Easy

50 XP Nov 17, 2025

Broken Chain Hard

700 XP Nov 16, 2025

Shadow Cracker Challenge

50 XP Nov 12, 2025

TechNova Infiltration Medium

400 XP Nov 10, 2025

Windows Password Cracker Challenge

50 XP Nov 05, 2025

Office Password Cracker Challenge

50 XP Oct 30, 2025

Regex Bypass to SQLi Challenge

50 XP Oct 27, 2025

Git Exposed Challenge

50 XP Oct 22, 2025

Backup Hunter Challenge

50 XP Oct 18, 2025

Type Juggling Bypass Challenge

50 XP Oct 14, 2025

Crack SHA1 Hash Challenge

50 XP Oct 09, 2025

SQL Injection Test Challenge

50 XP Oct 08, 2025

Hack This Site Challenge

50 XP Oct 07, 2025

HTTP Smuggling Challenge

50 XP Oct 07, 2025

Email Header Forensics Challenge

50 XP Oct 03, 2025

SSRF Validator Challenge

50 XP Oct 03, 2025

FortiPy Hard

700 XP Oct 01, 2025

Vigenere Stego Hunt Challenge

50 XP Sep 30, 2025

Simple Directory Traversal Challenge

50 XP Sep 29, 2025

YAML Bomb Challenge

50 XP Sep 26, 2025

WebDAV Explorer Challenge

50 XP Sep 25, 2025

Prototype Pollution Hunter Challenge

50 XP Sep 24, 2025

Race Condition Hunter Challenge

50 XP Sep 23, 2025

IDOR Explorer Challenge

50 XP Sep 22, 2025

Header Hijacker Challenge

50 XP Sep 19, 2025

Corporate Directory Hunt Challenge

50 XP Sep 18, 2025

File Include Bypass Challenge

50 XP Sep 17, 2025

Cookie Forge Challenge

50 XP Sep 16, 2025

Button Activator Challenge

50 XP Sep 15, 2025

RCE Playground Medium

200 XP Sep 12, 2025

GraphQL Gateway Challenge

50 XP Sep 12, 2025

DNS Tunneling Detective Challenge

50 XP Sep 11, 2025

Caesar Shift Decoder Challenge

50 XP Sep 10, 2025

Registry Hijacker Challenge

50 XP Sep 09, 2025

SUID Privilege Hunter Challenge

50 XP Sep 08, 2025

MongoDB Injector Challenge

50 XP Sep 05, 2025

Redis Cache Poisoner Challenge

50 XP Sep 04, 2025

LDAP Injector Challenge

50 XP Sep 03, 2025

Infiltrator Easy

200 XP Sep 01, 2025

Corporate Backup Deserializer Challenge

50 XP Sep 01, 2025

IP Spoofing Admin Challenge

50 XP Sep 01, 2025

Template Injector Challenge

50 XP Sep 01, 2025

WiFi Password Cracker Challenge

50 XP Aug 27, 2025

WEP Cracker Challenge

50 XP Aug 27, 2025

Registry Hunter Challenge

50 XP Aug 26, 2025

Book Cipher Challenge Challenge

50 XP Aug 23, 2025

Admin Portal Breach Challenge

50 XP Aug 21, 2025

Git Secrets Hunter Challenge

50 XP Aug 20, 2025

ZIP Cracker Challenge

50 XP Aug 19, 2025

Template Injection Challenge

50 XP Aug 14, 2025

PDF Password Cracker Challenge

50 XP Aug 13, 2025

Shell Command Scanner Challenge

50 XP Aug 12, 2025

LFI Log Poison Challenge

50 XP Aug 11, 2025

NoSQL Injection Challenge

50 XP Aug 08, 2025

Internal Hard

700 XP Aug 06, 2025

URL Scanner Challenge

50 XP Aug 06, 2025

Alpwned Medium

400 XP Aug 05, 2025

CSRF Bank Transfer Challenge

50 XP Aug 05, 2025

XSS Playground Challenge

50 XP Aug 04, 2025

Path Traversal Challenge

50 XP Aug 02, 2025

JWT Claims Manipulation Challenge

50 XP Jul 31, 2025

SQL Injection Challenge

50 XP Jul 30, 2025

XXE Exposed Challenge

50 XP Jul 29, 2025

JWT Bypass Challenge

50 XP Jul 25, 2025

Auth Bypass Challenge

50 XP Jul 24, 2025

Ping Pwn Challenge

50 XP Jul 23, 2025

Log Hunter Challenge

50 XP Jul 22, 2025

Flask Error Challenge

50 XP Jul 17, 2025

Rail Fence Challenge

50 XP Jul 16, 2025

Pixel Puzzler Challenge

50 XP Jul 14, 2025

PDF Trap Challenge

50 XP Jul 11, 2025

Blockchain Secrets Challenge

50 XP Jul 10, 2025

Corporate Breach 2 Challenge

50 XP Jul 09, 2025

Corporate Breach Challenge

50 XP Jul 08, 2025

DNS Exfil Challenge

50 XP Jul 07, 2025

Crypto Cipher Challenge

50 XP Jul 04, 2025

Snapchat Exposed Challenge

50 XP Jul 02, 2025

Red is Dead Challenge

50 XP Jun 30, 2025

QR Code Quest Challenge

50 XP Jun 25, 2025

Query Quake Medium

400 XP Jun 25, 2025

Base64 Detective Challenge

50 XP Jun 24, 2025

AlVault Medium

400 XP Jun 06, 2025

FiPloit Easy

200 XP Jun 02, 2025

Compromised 1 Medium

400 XP May 29, 2025

Traversed Medium

400 XP May 29, 2025

Matsudo Medium

400 XP May 29, 2025

Beyond Echo Medium

200 XP May 29, 2025

Cronpocalypse Easy

200 XP May 29, 2025

Secrets in Source: View Source Code to Find the Flag Very Easy

50 XP May 29, 2025

Nmap Commands Lab: Port Scanning to Privilege Escalation Very Easy

100 XP May 29, 2025

Include me Easy

100 XP May 29, 2025

Anonymous 2 Easy

100 XP May 29, 2025

Anonymous Easy

100 XP May 29, 2025

Capture the Flag 101: Find and Submit Your First Flag Very Easy

50 XP May 29, 2025

Spoof! Easy

100 XP May 28, 2025

Hack the Cookie: Cookie Poisoning Attack Very Easy

50 XP May 28, 2025

Hack the Login Very Easy

50 XP May 28, 2025

Nmap Mastery: Dominate Network Scanning 4

Installing Nmap 1 XP Dec 24, 2025

Advanced Techniques 1 XP Dec 24, 2025

Introduction to Nmap 1 XP May 29, 2025

Essential Nmap Scanning 1 XP Dec 24, 2025

HTTP Header Manipulation: IP Spoofing 3

Remediate 1 XP Dec 24, 2025

Techniques for IP Spoofing in HTTP Headers 1 XP Dec 24, 2025

Manipulating Headers 1 XP May 29, 2025

Network Pentesting 10

Active reconnaissance 1 XP Dec 31, 2025

Post-exploitation 1 XP Dec 31, 2025

Pivoting 1 XP Dec 31, 2025

Service exploitation 1 XP Dec 31, 2025

Pentest reporting 1 XP Dec 31, 2025

Password attacks 1 XP Dec 31, 2025

MITM attacks 1 XP Dec 31, 2025

Vulnerability scanning 1 XP Dec 31, 2025

Network fundamentals 1 XP Dec 24, 2025

Service enumeration 1 XP Dec 31, 2025

HDNA Ethical Hacking Course 5

1. Legal & Compliance 1 XP Dec 24, 2025

2. Network Protocols and Security 1 XP Dec 24, 2025

4. Network Scanning 1 XP Dec 24, 2025

3. Reconnaissance 1 XP Dec 24, 2025

Course Summary 1 XP May 29, 2025

Hacking 101 2

Encoding is not encryption 1 XP Jun 14, 2026

The hacker mindset 1 XP Jun 10, 2026

Password Cracking 10

Rainbow tables 1 XP Dec 24, 2025

Wireless cracking 1 XP Dec 24, 2025

PDF cracking 1 XP Dec 31, 2025

Linux hash cracking 1 XP Dec 24, 2025

Office Documents cracking 1 XP Dec 24, 2025

ZIP cracking 1 XP Dec 31, 2025

Brute force attacks 1 XP Aug 28, 2025

Password fundamentals 1 XP Aug 21, 2025

Dictionary attacks 1 XP Aug 22, 2025

Windows hash cracking 1 XP Dec 24, 2025

Security Cheat Sheets 10

Hydra Cheat Sheet 1 XP Jan 04, 2026

Nikto Cheat Sheet 1 XP Jan 07, 2026

John the Ripper Cheat Sheet 1 XP Jan 15, 2026

SQLMap Cheat Sheet 1 XP Jan 07, 2026

Wireshark Cheat Sheet 1 XP Jan 15, 2026

Burp Suite Cheat Sheet 1 XP Jan 04, 2026

Gobuster Cheat Sheet 1 XP Jan 07, 2026

Nmap Cheat Sheet 1 XP Jan 01, 2026

Hashcat Cheat Sheet 1 XP Jan 15, 2026

Metasploit Cheat Sheet 1 XP Jan 04, 2026

Web App Attacks 12

CSRF Attacks 1 XP Dec 24, 2025

XXE Injection 1 XP Dec 24, 2025

SSRF 1 XP Dec 24, 2025

File Inclusion 1 XP Dec 24, 2025

Web Security Intro 1 XP Dec 24, 2025

SSTI 1 XP Aug 14, 2025

Deserialization 1 XP Aug 16, 2025

File Upload Attacks 1 XP Dec 24, 2025

XSS Attacks 1 XP Dec 24, 2025

Auth Bypass 1 XP Dec 24, 2025

SQL Injection 1 XP Dec 24, 2025

Command Injection 1 XP Aug 13, 2025

Bug Bounty 10

Quick wins 1 XP Feb 12, 2026

Hunting setup 1 XP Feb 12, 2026

Automation 1 XP Feb 12, 2026

Bug bounty basics 1 XP Feb 12, 2026

Hunting methodology 1 XP Feb 12, 2026

Avoiding duplicates 1 XP Feb 12, 2026

Bug bounty career 1 XP Feb 12, 2026

Recon fundamentals 1 XP Feb 12, 2026

Report writing 1 XP Feb 12, 2026

Program selection 1 XP Feb 12, 2026

JWT Attacks 4

JWT Basics 1 XP Aug 13, 2025

JWT Tampering 1 XP Dec 24, 2025

JWT Cracking 1 XP Dec 24, 2025

Algorithm Confusion 1 XP Dec 24, 2025

Remote Code Execution (RCE) 3

Shellshock (CVE-2014-6271) 1 XP Dec 24, 2025

RCE: Introduction 1 XP May 29, 2025

RCE in PHP 1 XP Dec 24, 2025

Windows Privilege Escalation 6

Token impersonation 1 XP Feb 16, 2026

Windows privesc basics 1 XP Feb 12, 2026

WinPEAS and PowerUp 1 XP Feb 16, 2026

Service exploitation 1 XP Feb 16, 2026

Windows enumeration 1 XP Feb 12, 2026

Registry attacks 1 XP Feb 16, 2026

CVE 1

CVE-2024-34899 0 XP May 29, 2025

Daily Hack Solved - Crack the reset token +10 XP

21 hours ago

Lesson Completed +10 XP

1 day ago

Daily Hack Solved - Tamper the invoice ID +10 XP

1 day ago

Active for 1 days

6 days ago

Lesson Completed +5 XP

1 week ago

Chapter Completed - Encoding is not encryption +1 XP

1 week ago

Lesson Completed +16 XP

1 week ago

Lesson Completed +11 XP

1 week ago

Lesson Completed +5 XP

1 week ago

Lesson Completed +16 XP

1 week ago

Lesson Completed +10 XP

1 week ago

Lesson Completed +5 XP

1 week ago

Chapter Completed - The hacker mindset +1 XP

1 week ago

Active for 2 days

2 weeks ago

Flag Found - Pwnify - Web Application Penetration Testing +350 XP

2 weeks ago

Flag Found - Pwnify - Web Application Penetration Testing +350 XP

2 weeks ago

Active for 4 days

2 weeks ago

Profile Updated +1 XP

1 month ago

Active for 11 days

1 month ago

Flag Found - Host Hijack +200 XP

1 month ago

Flag Found - Host Hijack +200 XP

1 month ago

Flag Found - Mythos Leak - Headless CMS Draft Exposure +200 XP

1 month ago

Flag Found - Mythos Leak - Headless CMS Draft Exposure +200 XP

1 month ago

Flag Found - Pickle Jar +200 XP

2 months ago

Flag Found - Pickle Jar +200 XP

2 months ago

Flag Found - ClearDesk +200 XP

2 months ago

Flag Found - ClearDesk +200 XP

2 months ago

Active for 5 days

3 months ago

Flag Found - Token Trust +50 XP

4 months ago

Chapter Completed - Token impersonation +1 XP

4 months ago

Chapter Completed - Registry attacks +1 XP

4 months ago

Chapter Completed - WinPEAS and PowerUp +1 XP

4 months ago

Your Certificate is Ready!

View and share your Certificate of Achievement

View Certificate