HackingHub
@hackinghub.bsky.social
Educating the next generation of ethical hackers @ https://hackinghub.io
Want to learn how NahamSec scored a massive $50,000 payout by exploiting a Blind XSS?
Check out the full walkthrough and the lab at the link below 👇
https://app.hackinghub.io/hubs/megabites
Check out the full walkthrough and the lab at the link below 👇
https://app.hackinghub.io/hubs/megabites
November 10, 2025 at 9:03 PM
Want to learn how NahamSec scored a massive $50,000 payout by exploiting a Blind XSS?
Check out the full walkthrough and the lab at the link below 👇
https://app.hackinghub.io/hubs/megabites
Check out the full walkthrough and the lab at the link below 👇
https://app.hackinghub.io/hubs/megabites
Want to level up your virtual host scanning, asset & content discovery basics?
Make sure to check out this lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
Make sure to check out this lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
November 9, 2025 at 10:02 PM
Want to level up your virtual host scanning, asset & content discovery basics?
Make sure to check out this lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
Make sure to check out this lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
Want to hack a WordPress plugin? Look for vulnerability patterns in similar plugins👇
November 9, 2025 at 12:32 AM
Want to hack a WordPress plugin? Look for vulnerability patterns in similar plugins👇
New to Hacking? You've found the right place to start
HackingHub is a cybersecurity education platform that offers real infrastructures and scenarios to hack against, using data from actual security scenarios experienced in the real world.
✅Get started: https://app.hackinghub.io/hubs/start-here
HackingHub is a cybersecurity education platform that offers real infrastructures and scenarios to hack against, using data from actual security scenarios experienced in the real world.
✅Get started: https://app.hackinghub.io/hubs/start-here
November 7, 2025 at 9:31 PM
New to Hacking? You've found the right place to start
HackingHub is a cybersecurity education platform that offers real infrastructures and scenarios to hack against, using data from actual security scenarios experienced in the real world.
✅Get started: https://app.hackinghub.io/hubs/start-here
HackingHub is a cybersecurity education platform that offers real infrastructures and scenarios to hack against, using data from actual security scenarios experienced in the real world.
✅Get started: https://app.hackinghub.io/hubs/start-here
An easy IDOR that leaks tons of user information, but can you figure out how the usernames are created?
@nahamsec.bsky.social guides you through this "Ghost API" Hub.
Check it out here 👉 https://app.hackinghub.io/hubs/ghost-api
@nahamsec.bsky.social guides you through this "Ghost API" Hub.
Check it out here 👉 https://app.hackinghub.io/hubs/ghost-api
November 6, 2025 at 7:03 PM
An easy IDOR that leaks tons of user information, but can you figure out how the usernames are created?
@nahamsec.bsky.social guides you through this "Ghost API" Hub.
Check it out here 👉 https://app.hackinghub.io/hubs/ghost-api
@nahamsec.bsky.social guides you through this "Ghost API" Hub.
Check it out here 👉 https://app.hackinghub.io/hubs/ghost-api
Want to learn a way to find those hard-hitting critical vulnerabilities?
🐛 CVE-2025-29927 is a vulnerability in Next.JS that can lead to a complete authorization bypass.
Watch the video below to get a quick peek and then try the lab yourself 👇
https://app.hackinghub.io/hubs/cve-2025-29927
🐛 CVE-2025-29927 is a vulnerability in Next.JS that can lead to a complete authorization bypass.
Watch the video below to get a quick peek and then try the lab yourself 👇
https://app.hackinghub.io/hubs/cve-2025-29927
November 5, 2025 at 3:05 PM
Want to learn a way to find those hard-hitting critical vulnerabilities?
🐛 CVE-2025-29927 is a vulnerability in Next.JS that can lead to a complete authorization bypass.
Watch the video below to get a quick peek and then try the lab yourself 👇
https://app.hackinghub.io/hubs/cve-2025-29927
🐛 CVE-2025-29927 is a vulnerability in Next.JS that can lead to a complete authorization bypass.
Watch the video below to get a quick peek and then try the lab yourself 👇
https://app.hackinghub.io/hubs/cve-2025-29927
Want to take your Nuclei scanning skills to the next level? 'DEFCON 33 Nuclei Workshop' course will help you master Nuclei, to help you find what others miss!
Check out the course here 👇
https://app.hackinghub.io/course/defcon33-nuclei/purchase
Check out the course here 👇
https://app.hackinghub.io/course/defcon33-nuclei/purchase
November 4, 2025 at 6:02 PM
Want to take your Nuclei scanning skills to the next level? 'DEFCON 33 Nuclei Workshop' course will help you master Nuclei, to help you find what others miss!
Check out the course here 👇
https://app.hackinghub.io/course/defcon33-nuclei/purchase
Check out the course here 👇
https://app.hackinghub.io/course/defcon33-nuclei/purchase
Struggling with finding hidden assets? Watch this short clip and then test your knowledge in one of our labs!
Link to the full walkthrough video and lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
Link to the full walkthrough video and lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
November 3, 2025 at 9:03 PM
Struggling with finding hidden assets? Watch this short clip and then test your knowledge in one of our labs!
Link to the full walkthrough video and lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
Link to the full walkthrough video and lab 👇
https://app.hackinghub.io/hubs/heaps-of-virtual-data
Did you know you can get a Linux box with the essential hacking tools and wordlists within seconds without even leaving HackingHub?
Watch the video below and test it out yourself 👇
Watch the video below and test it out yourself 👇
November 2, 2025 at 1:02 PM
Did you know you can get a Linux box with the essential hacking tools and wordlists within seconds without even leaving HackingHub?
Watch the video below and test it out yourself 👇
Watch the video below and test it out yourself 👇
Listen to these Tomcat hacking tips and put them to the test right away in our BlueWings lab!
Watch the full video and access the lab here 👇
https://app.hackinghub.io/hubs/bluewings
Watch the full video and access the lab here 👇
https://app.hackinghub.io/hubs/bluewings
November 2, 2025 at 12:03 AM
Listen to these Tomcat hacking tips and put them to the test right away in our BlueWings lab!
Watch the full video and access the lab here 👇
https://app.hackinghub.io/hubs/bluewings
Watch the full video and access the lab here 👇
https://app.hackinghub.io/hubs/bluewings
Don't feel comfortable working with Linux? Go through the 'Linux For Hackers Fundamentals' course by the expert hacker John Hammond to receive all of the Linux foundation you will need for your hacking journey 👇
https://app.hackinghub.io/course/linux-for-hackers-fundamentals/purchase
https://app.hackinghub.io/course/linux-for-hackers-fundamentals/purchase
November 1, 2025 at 12:02 AM
Don't feel comfortable working with Linux? Go through the 'Linux For Hackers Fundamentals' course by the expert hacker John Hammond to receive all of the Linux foundation you will need for your hacking journey 👇
https://app.hackinghub.io/course/linux-for-hackers-fundamentals/purchase
https://app.hackinghub.io/course/linux-for-hackers-fundamentals/purchase
Think you have what it takes to leverage an RCE and extract data even with strict firewall rules in place?
Find the lab and the full video here 👇
https://app.hackinghub.io/hubs/interactive-rce
Find the lab and the full video here 👇
https://app.hackinghub.io/hubs/interactive-rce
October 30, 2025 at 10:03 PM
Think you have what it takes to leverage an RCE and extract data even with strict firewall rules in place?
Find the lab and the full video here 👇
https://app.hackinghub.io/hubs/interactive-rce
Find the lab and the full video here 👇
https://app.hackinghub.io/hubs/interactive-rce
How much do you know about WebSockets?
Find out by hacking this chat application made by @insider.phd👇
https://app.hackinghub.io/hubs/nahamcon-25-insiderphd-websocket
Find out by hacking this chat application made by @insider.phd👇
https://app.hackinghub.io/hubs/nahamcon-25-insiderphd-websocket
October 29, 2025 at 5:05 PM
How much do you know about WebSockets?
Find out by hacking this chat application made by @insider.phd👇
https://app.hackinghub.io/hubs/nahamcon-25-insiderphd-websocket
Find out by hacking this chat application made by @insider.phd👇
https://app.hackinghub.io/hubs/nahamcon-25-insiderphd-websocket
Find out how a new hacker struck gold with this Remote Code Execution vulnerability, earning $5,000 from Netflix
Detailed walkthrough and lab is available at 👇
https://app.hackinghub.io/hubs/RemoteBinge
Detailed walkthrough and lab is available at 👇
https://app.hackinghub.io/hubs/RemoteBinge
October 28, 2025 at 5:04 PM
Find out how a new hacker struck gold with this Remote Code Execution vulnerability, earning $5,000 from Netflix
Detailed walkthrough and lab is available at 👇
https://app.hackinghub.io/hubs/RemoteBinge
Detailed walkthrough and lab is available at 👇
https://app.hackinghub.io/hubs/RemoteBinge
Missed NahamCon 2025 CTF, but up for a challenge?
Hack this cute little toy website and many others in the NahamCon 2025 CTF module 👇
https://app.hackinghub.io/hubs/nahamcon-2025-ctf
Hack this cute little toy website and many others in the NahamCon 2025 CTF module 👇
https://app.hackinghub.io/hubs/nahamcon-2025-ctf
October 27, 2025 at 11:02 PM
Missed NahamCon 2025 CTF, but up for a challenge?
Hack this cute little toy website and many others in the NahamCon 2025 CTF module 👇
https://app.hackinghub.io/hubs/nahamcon-2025-ctf
Hack this cute little toy website and many others in the NahamCon 2025 CTF module 👇
https://app.hackinghub.io/hubs/nahamcon-2025-ctf
Heard of Subfinder or Nuclei?
They are great, but you're likely missing out on @projectdiscovery.bsky.social's key tools and their full power. Our new Hub ties them all together with a single methodology to change your recon game.
🌀Start here: https://app.hackinghub.io/hubs/pd-tools
They are great, but you're likely missing out on @projectdiscovery.bsky.social's key tools and their full power. Our new Hub ties them all together with a single methodology to change your recon game.
🌀Start here: https://app.hackinghub.io/hubs/pd-tools
October 27, 2025 at 6:02 PM
Heard of Subfinder or Nuclei?
They are great, but you're likely missing out on @projectdiscovery.bsky.social's key tools and their full power. Our new Hub ties them all together with a single methodology to change your recon game.
🌀Start here: https://app.hackinghub.io/hubs/pd-tools
They are great, but you're likely missing out on @projectdiscovery.bsky.social's key tools and their full power. Our new Hub ties them all together with a single methodology to change your recon game.
🌀Start here: https://app.hackinghub.io/hubs/pd-tools
Take your knowledge about recon to the next level by completing the 'Path to RCE' hub, based on a real-world RCE vulnerability that was awarded a $40,000 bounty!
Watch the full walkthrough video and access the lab at:
https://app.hackinghub.io/hubs/path-to-rce
Watch the full walkthrough video and access the lab at:
https://app.hackinghub.io/hubs/path-to-rce
October 26, 2025 at 5:02 PM
Take your knowledge about recon to the next level by completing the 'Path to RCE' hub, based on a real-world RCE vulnerability that was awarded a $40,000 bounty!
Watch the full walkthrough video and access the lab at:
https://app.hackinghub.io/hubs/path-to-rce
Watch the full walkthrough video and access the lab at:
https://app.hackinghub.io/hubs/path-to-rce
Check out this great methodology tip by @jhaddix.bsky.social on what to do when you encounter a CMS.
Find the full walkthrough video and the lab below 👇
https://app.hackinghub.io/hubs/prison-hack
Find the full walkthrough video and the lab below 👇
https://app.hackinghub.io/hubs/prison-hack
October 25, 2025 at 5:02 PM
Check out this great methodology tip by @jhaddix.bsky.social on what to do when you encounter a CMS.
Find the full walkthrough video and the lab below 👇
https://app.hackinghub.io/hubs/prison-hack
Find the full walkthrough video and the lab below 👇
https://app.hackinghub.io/hubs/prison-hack
🚨NEW HUB: Poll Position F1
What if a simple web/API flaw on F1's governing site let you access sensitive data?
Imagine gaining access to Max Verstappen's ID and personal information, along with every other F1 driver's sensitive data
Master the circuit: https://tinyurl.com/pollF1
What if a simple web/API flaw on F1's governing site let you access sensitive data?
Imagine gaining access to Max Verstappen's ID and personal information, along with every other F1 driver's sensitive data
Master the circuit: https://tinyurl.com/pollF1
October 23, 2025 at 8:02 PM
🚨NEW HUB: Poll Position F1
What if a simple web/API flaw on F1's governing site let you access sensitive data?
Imagine gaining access to Max Verstappen's ID and personal information, along with every other F1 driver's sensitive data
Master the circuit: https://tinyurl.com/pollF1
What if a simple web/API flaw on F1's governing site let you access sensitive data?
Imagine gaining access to Max Verstappen's ID and personal information, along with every other F1 driver's sensitive data
Master the circuit: https://tinyurl.com/pollF1
Stop searching the hard way! Regular expressions (Regex) are an awesome tool for tracking down information and identifying patterns.
Learn how to wield this power for hacking and technology in our "Regex for Hackers" course: https://app.hackinghub.io/course/regex-for-hackers/purchase
Learn how to wield this power for hacking and technology in our "Regex for Hackers" course: https://app.hackinghub.io/course/regex-for-hackers/purchase
October 23, 2025 at 5:03 PM
Stop searching the hard way! Regular expressions (Regex) are an awesome tool for tracking down information and identifying patterns.
Learn how to wield this power for hacking and technology in our "Regex for Hackers" course: https://app.hackinghub.io/course/regex-for-hackers/purchase
Learn how to wield this power for hacking and technology in our "Regex for Hackers" course: https://app.hackinghub.io/course/regex-for-hackers/purchase
How are you using the most important part of hacking (Recon)?
Comment below👇
Comment below👇
October 22, 2025 at 5:03 PM
How are you using the most important part of hacking (Recon)?
Comment below👇
Comment below👇
October 21, 2025 at 6:31 PM
Tired of slide decks? This course is 100% hands-on web exploitation. Learn to think like a top bug hunter and find vulnerabilities others miss in custom-built labs.
✅ Get started today: https://app.hackinghub.io/course/nahamsec-bug-bounty-course/purchase
✅ Get started today: https://app.hackinghub.io/course/nahamsec-bug-bounty-course/purchase
October 20, 2025 at 8:02 PM
Tired of slide decks? This course is 100% hands-on web exploitation. Learn to think like a top bug hunter and find vulnerabilities others miss in custom-built labs.
✅ Get started today: https://app.hackinghub.io/course/nahamsec-bug-bounty-course/purchase
✅ Get started today: https://app.hackinghub.io/course/nahamsec-bug-bounty-course/purchase
Getting blocked by servers while using cURL?
Most sites don’t like requests from cURL and will often block it because it's a red flag for bots or scraping tools.
Try changing your User-Agent header👇
Most sites don’t like requests from cURL and will often block it because it's a red flag for bots or scraping tools.
Try changing your User-Agent header👇
October 19, 2025 at 10:31 PM
Getting blocked by servers while using cURL?
Most sites don’t like requests from cURL and will often block it because it's a red flag for bots or scraping tools.
Try changing your User-Agent header👇
Most sites don’t like requests from cURL and will often block it because it's a red flag for bots or scraping tools.
Try changing your User-Agent header👇
In Nov 2024, researchers used minimal data (name, email, or plate) to access engine controls, door locks, location tracking, and PII on Subaru STARLINK vehicles.
Master this high-impact exploit chain in our new CypherDrive lab!
Get started: https://app.hackinghub.io/hubs/cypherdrive
Master this high-impact exploit chain in our new CypherDrive lab!
Get started: https://app.hackinghub.io/hubs/cypherdrive
October 18, 2025 at 10:02 PM
In Nov 2024, researchers used minimal data (name, email, or plate) to access engine controls, door locks, location tracking, and PII on Subaru STARLINK vehicles.
Master this high-impact exploit chain in our new CypherDrive lab!
Get started: https://app.hackinghub.io/hubs/cypherdrive
Master this high-impact exploit chain in our new CypherDrive lab!
Get started: https://app.hackinghub.io/hubs/cypherdrive