Profile Avatar

skalvin

Grandmaster
Lebanon Joined May 2025

Live Ranking

#12

Best: #12

Total Points

635

Total Earned

Labs Completed

91

92 User • 12 Root

Modules

12

Validated

First Bloods

1

First to Complete

Best Streak

7

Days

Achievements Certificates Activity

Skills Acquired

Technical skills practiced through completed labs

SQL InjectionRegex BypassInput ValidationWeb Application SecuritySQLiteUNION-Based SQLiGitVersion ControlSource Code AnalysisReconnaissanceWeb SecurityWeb EnumerationFile DiscoveryInformation GatheringPHPType JugglingAuthentication BypassHash AnalysisCryptographyHash CrackingPassword AnalysisSecurity ToolsDatabase SecurityPenetration TestingJavaScriptDeobfuscationClient-Side SecurityBrowser DevToolsCode AnalysisHTTP ProtocolRequest SmugglingNetwork ForensicsTraffic AnalysisPacket AnalysisEmail ForensicsHeader AnalysisPhishing DetectionBase64 DecodingOSINTDigital InvestigationSSRFURL ManipulationInternal Network AccessProtocol BypassSSTIFlask SecuritySSH Brute ForceDatabase EnumerationPrivilege EscalationSteganographyClassical CiphersImage AnalysisPolyalphabetic CiphersDirectory TraversalPath InjectionFile System SecurityPath ManipulationFile AccessYAML DeserializationPyYAML ExploitationConfiguration InjectionPython SecurityUnsafe DeserializationRemote Code ExecutionFile Processing SecurityWebDAV ExploitationFile UploadRemote File AccessHTTP MethodsWeb Server SecurityFile System EnumerationPrototype PollutionNode.js SecurityAPI SecurityJavaScript ExploitationObject ManipulationInput Validation BypassModern Web VulnerabilitiesRace ConditionsTiming AttacksConcurrent ExploitationIDORParameter ManipulationAuthorization BypassHTTP HeadersSecurity BypassClient-Side ManipulationDirectory EnumerationWeb ReconnaissanceAdministrative Panel DiscoverySecurity AssessmentLocal File InclusionFilter BypassApache AuthenticationPassword CrackingJWTCookie ManipulationDOM ManipulationCommand InjectionFilter EvasionGraphQLSchema IntrospectionInjectionDNS AnalysisData ExfiltrationFrequency AnalysisPattern RecognitionDocker Registry APIContainer SecurityAPI ManipulationRegistry ExploitationSUID BinariesLinux SecurityBinary ExploitationNoSQL InjectionMongoDBDocument DatabasesCRLF InjectionRedis Command InjectionCache PoisoningProtocol ManipulationLDAP InjectionDirectory ServicesEnterprise SecurityJWT ManipulationSSH ExploitationLog InjectionPython PickleEnterprise DeserializationCorporate Backup SystemsDisaster Recovery ExploitationConfiguration Import AttacksIP SpoofingAccess Control BypassServer-Side Template InjectionJinja2 ExploitationWiFi SecurityWPA CrackingDictionary AttacksWireless Penetration TestingNetwork SecurityWireless SecurityWEP CrackingRC4 AnalysisCryptographic AttacksLegacy Protocol ExploitationDigital ForensicsWindows RegistryPersistence AnalysisIncident ResponseMalware AnalysisHistorical CryptanalysisMD5 CrackingPassword AttacksGit ForensicsVersion Control SecurityRepository AnalysisSecret RecoveryZIP Password CrackingJohn the RipperfcrackzipBrute ForceArchive SecurityJinja2Web Application TestingCode InjectionPDF SecurityDocument SecurityBrute Force AttacksShell CommandsSystem AdministrationHTTP Parameter ManipulationUser-Agent Log PoisoningApache SecurityLog AnalysisVisibility ControlsSecurity TestingOperator ExploitationLinux CapabilitiesReverse ShellSystem EnumerationNetwork ReconnaissanceServer-Side Request ForgeryAWS MetadataCloud SecurityIAM CredentialsAWS EC2SSHLinux Privilege EscalationFile PermissionsCSRFCross-Site Request ForgerySession SecuritySocial EngineeringForm SecurityHTTP SecurityState ManagementXSSCross-Site ScriptingStored XSSSession HijackingPath TraversalCGIClaims ManipulationTime-Based AttacksSignature CrackingBlind SQLiTime-based SQLiBoolean-based SQLiVulnerability AssessmentXXEXML SecurityFile DisclosureExternal EntityToken AuthenticationWeb ExploitationService DiscoveryCommand Line ToolsForensicsAttack DetectionFlaskDebug ModePythonMemory AnalysisTransposition CipherRail FenceLSBPDF ForensicsFile AnalysisMetadataHidden DataForensic ToolsBlockchain AnalysisBitcoinOP_RETURNHex DecodingData ExtractionForensic AnalysisLFIFile InclusionNetwork AnalysisDNSCryptanalysisClassical CryptoData EncodingJenkinsCI/CDDevOpsPentestAutomationDatabase ForensicsCLI UsageData RecoveryBase64Hex EncodingRedisQR Code AnalysisMYSQLIRCEWeb InspectionHTML AnalysisWEBFile Upload BypassPHP SecurityWeb Shell ExploitationApache TomcatWAR DeploymentDefault CredentialsLinuxSudoWeb ShellsGITHTMLLearning PathTELNETFTP ExploitationBackdoor DetectionNetwork ServicesRemote ShellSystem ExploitationFTPNetworkingCommand LineWeb ServicesIP SPOOFINGJS

Completed Modules

Educational modules successfully validated

HTTP Header Manipulation: IP Spoofing

1 modules
Manipulating Headers
1 pts Completed: May 29, 2025

Nmap Mastery: Dominate Network Scanning

1 modules
Introduction to Nmap
1 pts Completed: May 29, 2025

Password Cracking: Advanced Techniques for Security Assessment

3 modules
Brute Force and Hybrid Attack Techniques
1 pts Completed: Aug 28, 2025
Password Security Fundamentals
1 pts Completed: Aug 21, 2025
Dictionary Attacks and Wordlist Optimization
1 pts Completed: Aug 22, 2025

HDNA Ethical Hacking Course

1 modules
Course Summary
1 pts Completed: May 29, 2025

Web Application Security: Exploitation and Defense

3 modules
Server-Side Template Injection
1 pts Completed: Aug 14, 2025
Deserialization Attacks
1 pts Completed: Aug 16, 2025
Command Injection
1 pts Completed: Aug 13, 2025

JWT Ethical Hacking: Token Takeover Tactics

1 modules
Introduction to JWT Tokens
1 pts Completed: Aug 13, 2025

Remote Code Execution (RCE)

1 modules
RCE: Introduction
1 pts Completed: May 29, 2025

CVE

1 modules
CVE-2024-34899
0 pts Completed: May 29, 2025

Completed Labs & Challenges

Hands-on cybersecurity challenges successfully completed

Regex Bypass to SQLi
Challenge
1 points Oct 27, 2025 6m
SQL InjectionRegex BypassInput ValidationWeb Application SecuritySQLiteUNION-Based SQLi
Git Exposed
Challenge
1 points Oct 22, 2025 11m
GitVersion ControlSource Code AnalysisReconnaissanceWeb Security
Backup Hunter
Challenge
1 points Oct 18, 2025 1h 13m
Web EnumerationFile DiscoveryReconnaissanceInformation Gathering
Type Juggling Bypass
Challenge
1 points Oct 14, 2025 1m
Web SecurityPHPType JugglingAuthentication BypassHash Analysis
Crack SHA1 Hash
Challenge
1 points Oct 09, 2025
CryptographyHash CrackingPassword AnalysisSecurity Tools
SQL Injection Test
Challenge
1 points Oct 08, 2025
SQL InjectionWeb SecurityDatabase SecurityAuthentication BypassInput ValidationPenetration Testing
Hack This Site
Challenge
1 points Oct 07, 2025 1m
JavaScriptDeobfuscationClient-Side SecurityBrowser DevToolsCode AnalysisAuthentication Bypass
HTTP Smuggling
Challenge
1 points Oct 07, 2025
HTTP ProtocolRequest SmugglingNetwork ForensicsTraffic AnalysisWeb SecurityPacket Analysis
Email Header Forensics
Challenge
1 points Oct 03, 2025 3m
Email ForensicsHeader AnalysisPhishing DetectionBase64 DecodingOSINTDigital Investigation
SSRF Validator
Challenge
1 points Oct 03, 2025 12m
SSRFWeb SecurityURL ManipulationInternal Network AccessProtocol Bypass
FortiPy
Hard
60 points Oct 01, 2025 1h 53m
Web Application SecuritySSTIFlask SecuritySSH Brute ForceDatabase EnumerationHash CrackingPrivilege Escalation
Vigenere Stego Hunt
Challenge
1 points Sep 30, 2025 2m
CryptographySteganographyClassical CiphersImage AnalysisPolyalphabetic Ciphers
Simple Directory Traversal
Challenge
1 points Sep 29, 2025 8m
Directory TraversalPath InjectionFile System SecurityWeb SecurityInput ValidationPath ManipulationFile Access
YAML Bomb
Challenge
1 points Sep 26, 2025 7m
YAML DeserializationPyYAML ExploitationConfiguration InjectionPython SecurityUnsafe DeserializationRemote Code ExecutionFile Processing Security
WebDAV Explorer
Challenge
1 points Sep 25, 2025 1h 56m
WebDAV ExploitationFile UploadDirectory TraversalRemote File AccessHTTP MethodsWeb Server SecurityFile System Enumeration
Prototype Pollution Hunter
Challenge
1 points Sep 24, 2025 5m
Prototype PollutionNode.js SecurityAPI SecurityJavaScript ExploitationObject ManipulationInput Validation BypassModern Web Vulnerabilities
Race Condition Hunter
Challenge
1 points Sep 23, 2025 1h 15m
Race ConditionsTiming AttacksConcurrent ExploitationWeb Application Security
IDOR Explorer
Challenge
1 points Sep 22, 2025 4m
IDORParameter ManipulationWeb Application SecurityAuthorization Bypass
Header Hijacker
Challenge
1 points Sep 19, 2025 7m
HTTP HeadersSecurity BypassWeb Application SecurityClient-Side Manipulation
Corporate Directory Hunt
Challenge
1 points Sep 18, 2025 19m
Directory EnumerationWeb ReconnaissanceAdministrative Panel DiscoverySecurity Assessment
File Include Bypass
Challenge
1 points Sep 17, 2025 1h 8m
Local File InclusionFilter BypassApache AuthenticationPassword Cracking
Cookie Forge
Challenge
1 points Sep 16, 2025 1h 27m
JWTCookie ManipulationAuthentication BypassPrivilege Escalation
Button Activator
Challenge
1 points Sep 15, 2025 1m
JavaScriptBrowser DevToolsDOM ManipulationClient-Side Security
RCE Playground
Medium
20 points Sep 12, 2025 5h 34m
Command InjectionInput Validation BypassRemote Code ExecutionFilter EvasionWeb Security
GraphQL Gateway
Challenge
1 points Sep 12, 2025 12m
GraphQLAPI SecuritySchema IntrospectionAuthorization BypassInjection
DNS Tunneling Detective
Challenge
1 points Sep 11, 2025 2m
Network ForensicsDNS AnalysisData ExfiltrationTraffic Analysis
Caesar Shift Decoder
Challenge
1 points Sep 10, 2025 1m
CryptographyClassical CiphersFrequency AnalysisPattern Recognition
Registry Hijacker
Challenge
1 points Sep 09, 2025 2m
Docker Registry APIAuthentication BypassContainer SecurityAPI ManipulationRegistry Exploitation
SUID Privilege Hunter
Challenge
1 points Sep 08, 2025 3m
SUID BinariesPrivilege EscalationCommand InjectionLinux SecurityBinary Exploitation
MongoDB Injector
Challenge
1 points Sep 05, 2025 6m
NoSQL InjectionMongoDBAuthentication BypassDocument DatabasesWeb Security
Redis Cache Poisoner
Challenge
1 points Sep 04, 2025 10m
CRLF InjectionRedis Command InjectionCache PoisoningProtocol ManipulationWeb Security
LDAP Injector
Challenge
1 points Sep 03, 2025 5m
LDAP InjectionAuthentication BypassDirectory ServicesEnterprise SecurityWeb Security
Infiltrator
Easy
20 points Sep 01, 2025 55m
JWT ManipulationSSH ExploitationLog InjectionPrivilege EscalationWeb SecurityLinux Security
Corporate Backup Deserializer
Challenge
1 points Sep 01, 2025 1h 10m
Python PickleEnterprise DeserializationCorporate Backup SystemsDisaster Recovery ExploitationConfiguration Import AttacksEnterprise Security
IP Spoofing Admin
Challenge
1 points Sep 01, 2025 3h 57m
Web SecurityHTTP HeadersIP SpoofingAccess Control BypassInformation Gathering
Template Injector
Challenge
1 points Sep 01, 2025 34m
Server-Side Template InjectionFlask SecurityJinja2 ExploitationRemote Code ExecutionWeb Security
WiFi Password Cracker
Challenge
1 points Aug 27, 2025 1h 55m
WiFi SecurityWPA CrackingDictionary AttacksWireless Penetration TestingNetwork SecurityPacket Analysis
WEP Cracker
Challenge
1 points Aug 27, 2025 3m
Wireless SecurityWEP CrackingRC4 AnalysisPacket AnalysisCryptographic AttacksLegacy Protocol Exploitation
Registry Hunter
Challenge
1 points Aug 26, 2025 40m
Digital ForensicsWindows RegistryPersistence AnalysisBase64 DecodingIncident ResponseMalware Analysis
Book Cipher Challenge
Challenge
1 points Aug 23, 2025 13m
CryptographyClassical CiphersPattern RecognitionHistorical Cryptanalysis
Admin Portal Breach
Challenge
1 points Aug 21, 2025 1m
Client-Side SecurityMD5 CrackingSource Code AnalysisWeb Application SecurityPassword AttacksAuthentication Bypass
Git Secrets Hunter
Challenge
1 points Aug 20, 2025 10m
Git ForensicsVersion Control SecurityRepository AnalysisPenetration TestingSecret RecoveryOSINT
ZIP Cracker
Challenge
1 points Aug 19, 2025 5m
ZIP Password CrackingJohn the RipperfcrackzipDictionary AttacksBrute ForceArchive Security
Template Injection
Challenge
1 points Aug 14, 2025 1h 0m
Server-Side Template InjectionJinja2Flask SecurityWeb Application TestingCode InjectionPrivilege Escalation
PDF Password Cracker
Challenge
1 points Aug 13, 2025 1h 0m
PDF SecurityPassword CrackingDictionary AttacksDigital ForensicsDocument SecurityBrute Force Attacks
Shell Command Scanner
Challenge
1 points Aug 12, 2025 1h 2m
Command InjectionWeb SecurityShell CommandsSystem AdministrationHTTP Parameter ManipulationSecurity Assessment
LFI Log Poison
Challenge
1 points Aug 11, 2025 1h 0m
Local File InclusionUser-Agent Log PoisoningRemote Code ExecutionDirectory TraversalWeb SecurityApache SecuritySystem AdministrationLog Analysis
NoSQL Injection
Challenge
1 points Aug 08, 2025 2h 0m
NoSQL InjectionMongoDBVisibility ControlsAccess Control BypassSecurity TestingOperator Exploitation
Internal
Hard
60 points Aug 06, 2025 11h 29m
Command InjectionLinux CapabilitiesPrivilege EscalationReverse ShellWeb Application SecuritySystem EnumerationNetwork Reconnaissance
URL Scanner
Challenge
1 points Aug 06, 2025 1h 15m
SSRFServer-Side Request ForgeryAWS MetadataCloud SecurityIAM CredentialsNetwork SecurityWeb SecurityAWS EC2
Alpwned
Medium
40 points Aug 05, 2025 9h 34m
SQL InjectionAuthentication BypassSSHLinux Privilege EscalationFile PermissionsWeb Application Security
CSRF Bank Transfer
Challenge
1 points Aug 05, 2025 1h 0m
CSRFCross-Site Request ForgerySession SecurityWeb SecuritySocial EngineeringForm SecurityHTTP SecurityState Management
XSS Playground
Challenge
1 points Aug 04, 2025 1h 0m
XSSCross-Site ScriptingStored XSSSession HijackingJavaScriptWeb SecurityClient-Side SecurityDOM Manipulation
Path Traversal
Challenge
1 points Aug 02, 2025 4h 0m
Path TraversalCGIWeb SecurityFile AccessDirectory TraversalInput Validation
JWT Claims Manipulation
Challenge
1 points Jul 31, 2025 1h 0m
JWTClaims ManipulationPrivilege EscalationAuthentication BypassTime-Based AttacksSignature Cracking
SQL Injection
Challenge
1 points Jul 30, 2025 2h 0m
SQL InjectionDatabase SecurityWeb SecurityBlind SQLiTime-based SQLiBoolean-based SQLiDatabase EnumerationVulnerability Assessment
XXE Exposed
Challenge
1 points Jul 29, 2025 1h 0m
XXEXML SecurityFile DisclosureExternal EntityWeb SecurityVulnerability Assessment
JWT Bypass
Challenge
1 points Jul 25, 2025 1h 0m
JWTWeb SecurityToken AuthenticationCryptography
Auth Bypass
Challenge
1 points Jul 24, 2025 1h 0m
SQL InjectionAuthentication BypassWeb SecurityDatabase Security
Ping Pwn
Challenge
1 points Jul 23, 2025 18m
Command InjectionWeb ExploitationService DiscoveryNetwork Security
Log Hunter
Challenge
1 points Jul 22, 2025 1h 0m
Log AnalysisWeb SecurityIncident ResponsePattern RecognitionFile DiscoveryCommand Line ToolsForensicsHTTP ProtocolAttack DetectionSecurity Assessment
Flask Error
Challenge
1 points Jul 17, 2025 2h 0m
FlaskDebug ModePythonWeb SecurityMemory Analysis
Rail Fence
Challenge
1 points Jul 16, 2025 1h 0m
CryptographyTransposition CipherRail FencePattern RecognitionPython
Pixel Puzzler
Challenge
1 points Jul 14, 2025 1h 0m
SteganographyImage AnalysisLSBForensicsPython
PDF Trap
Challenge
1 points Jul 11, 2025 1h 0m
PDF ForensicsFile AnalysisMetadataHidden DataForensic Tools
Blockchain Secrets
Challenge
1 points Jul 10, 2025 1h 0m
Blockchain AnalysisBitcoinOP_RETURNHex DecodingData ExtractionForensic Analysis
Corporate Breach 2
Challenge
1 points Jul 09, 2025 1h 0m
Web SecurityPHPLFIPath ManipulationFile Inclusion
Corporate Breach
Challenge
1 points Jul 08, 2025 1h 0m
Web SecurityPHPLFIPassword CrackingAuthentication BypassDirectory Traversal
DNS Exfil
Challenge
1 points Jul 07, 2025 33m
Network AnalysisDNSPacket AnalysisData ExfiltrationBase64 Decoding
Crypto Cipher
Challenge
1 points Jul 04, 2025 1h 0m
CryptanalysisClassical CryptoPattern RecognitionData Encoding
Snapchat Exposed
Challenge
1 points Jul 02, 2025 1h 0m
JenkinsCI/CDDevOpsWeb SecurityPentestAutomation
Red is Dead
Challenge
1 points Jun 30, 2025 1h 0m
Network ReconnaissanceService DiscoveryDatabase ForensicsData EncodingCLI UsageData RecoveryIncident ResponseBase64Hex EncodingRedis
QR Code Quest
Challenge
1 points Jun 25, 2025 1h 0m
QR Code AnalysisImage AnalysisData ExtractionSteganographyDigital Forensics
Query Quake
Medium
40 points Jun 25, 2025 12h 50m
MYSQLIRCE
Base64 Detective
Challenge
1 points Jun 24, 2025 1h 0m
Base64Web InspectionBrowser DevToolsData EncodingHTML Analysis
AlVault
Medium
40 points Jun 06, 2025 6h 24m
WEB
FiPloit
Easy
20 points Jun 02, 2025 1h 0m
Local File InclusionFile Upload BypassPHP SecurityDirectory TraversalWeb Shell ExploitationPrivilege EscalationLog Analysis
Compromised 1
Medium
40 points May 29, 2025 1h 10m
Apache TomcatWeb Application SecurityWAR DeploymentDefault CredentialsPrivilege EscalationLinuxSudoWeb Shells
Traversed
Medium
40 points May 29, 2025 46m
GIT
Matsudo
Medium
40 points May 29, 2025 26m
SSHBrute ForcePrivilege EscalationLinuxSudoNetwork ReconnaissancePenetration Testing
Beyond Echo
Medium
20 points May 29, 2025 1h 0m
PHPRCE
Cronpocalypse
Easy
20 points May 29, 2025 3h 0m
SSH
Secrets in Source
Very Easy
4 points May 29, 2025 2m
HTMLLearning Path
Nmap Lab 102
Very Easy
8 points May 29, 2025 19m
TELNETLearning Path
Include me
Easy
10 points May 29, 2025 4m
PHPLFI
Anonymous 2
Easy
10 points May 29, 2025 38m
FTP ExploitationBackdoor DetectionNetwork ServicesRemote ShellSystem Exploitation
Anonymous
Easy
10 points May 29, 2025 1h 37m
FTP
Learning Lab 101
Very Easy
4 points May 29, 2025 35m
NetworkingReconnaissanceCommand LineWeb ServicesLearning Path
Spoof!
Easy
10 points May 28, 2025 4m
IP SPOOFING
Hack the Cookie
Very Easy
4 points May 28, 2025 2h 1m
WEBLearning Path
Hack the Login
Very Easy
4 points May 28, 2025 6m
JSLearning Path

Courses Progress

Your learning paths and modules

CVE
1 / 1 modules completed
100%
Nmap Mastery: Dominate Network Scanning
1 / 4 modules completed
25%
HTTP Header Manipulation: IP Spoofing
1 / 3 modules completed
33%
Web Application Security: Exploitation and Defense
3 / 12 modules completed
25%
HDNA Ethical Hacking Course
1 / 5 modules completed
20%
JWT Ethical Hacking: Token Takeover Tactics
1 / 4 modules completed
25%
Remote Code Execution (RCE)
1 / 3 modules completed
33%
Password Cracking: Advanced Techniques for Security Assessment
3 / 6 modules completed
50%