A Finnish, beginner-friendly learning platform from hackers to hackers!

In Hakatemia you will learn cybersecurity, ethical hacking and programming from professionals. You start from the basics and soon you will be practicing real attacks safely in a training environment. The Hakatemia community supports you on your journey.

Hakatemia members stories

Here are some nice things people have said about us ❤️

Olen oppinut paljon perusteita Hakatemista ja osallistuin ensimmäisen kerran CTF kilpailuunkin jossa sai paljon apua ja uutta oppia!
Username123
Level 15
Vahva suositus XXE labroista sain kokemusta niitä kautta ja sain ensimmäisen bug bountyni, kiitos siis hakatemia!

-Arttu/G1gaByt3/Mr0zzy
Level 18
5/5 hienosti tehty alusta eikä opetuksessakaan ole puutteita, alusta innosti uudelleen aloittamaan hakkeroinnin
Level 14
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus
Fundamentals
BurpSuite - Fundamentals
Python Programming
Basics of web development
SQL Injection
Password attacks
Command injections
XSS (Cross-Site Scripting)
JWT Attacks
XXE (XML External Entity) Attacks
LFI / RFI
Access control vulnerabilities
URL injection
Template Injection Vulnerabilities
Deserialization Attacks
Browser security
Windows - Attack and Defense
Nmap
Windows information security basics
Linux management and hardening
Type-juggling vulnerabilities
PDF export injection
Wireshark
Basics and concepts of information security monitoring
Cryptography
Metasploit
Building BurpSuite Extensions
Computer Networks
Nessus

Level up!

Gamified learning environment

Hakatemia is a gamified learning environment where you get experience points, levels and badges for successfully completing tasks. On the leaderboard, you can compete with other students.

Complete tasks to level up

By completing tasks you get experience points and levels.

Master new skills

Hakatemia has different types of exercises that give experience points to the skills related to the exercise.

Compete on the leaderboard

Compete on the leaderboard against other students.

Keep up your streak

A long streak of completing tasks increases your streak.

Get badges

By completing challenges you get badges.

No VPN required

Real-world lab exercises brought straight to your browser

Hakatemia lab environment has used a variety of technologies to optimize the user experience. We always strive to provide the simplest, most functional and fastest user interface for completing the task.

Web-based terminal

Often lab exercises do not require a full desktop environment, but rather a terminal. For this reason, Hakatemia uses a terminal based on xterm.js, which works directly in your browser. Unlike a full remote desktop, the web terminal works in real time even on slower connections and copy/paste works normally.

Web-based desktop

However, some lab exercises require a full desktop environment. In this case, we use a VNC connection tunneled over WebSockets, which allows a fully functional Kali Linux desktop directly in your browser.

Web-based development environment

In the web development environment, you can write and run code and scripts directly in your browser. This option is typically used when you are required to write or edit code or scripts to complete the task.

Practice attacks and earn experience points

How does Hakatemia work?

On a regular learning platform, you watch videos, read texts, and complete assignments. These basic elements are also found in Hakatemia, but they are all just preparation for the core of Hakatemia: lab exercises. In Hakatemia labs, you get to perform attacks against real vulnerable targets and earn levels and experience points when you solve a task.

App screenshot
Watch video.
Many courses or modules have a video where the topic is covered.
Read material.
All modules include readable material consisting of text, images, questions, and exercises.
Start lab task.
You will be given your own server in a few seconds, where you will find a vulnerable web application. You are free to search for and exploit vulnerabilities in the application. Depending on the task, you will also have access to attacker resources, such as a Kali Linux terminal that opens in your browser, where you can run attack tools and receive connections.
Use tools.
As a Hakatemia PRO member, you will also have access to Hakatemia tools that make it easier to find and exploit vulnerabilities.
Enter flag on Hakatemia page.
When you complete a task, you will receive a flag from the lab environment. When you enter the flag on the Hakatemia page, you will earn experience points and progress in the course.
Climb the leaderboard.
Hakatemia has a leaderboard that always lists the top ten hackers in Hakatemia with their levels and experience points.

Latest additions

Building BurpSuite Extensions

Cryptography

Basics and concepts of information security monitoring

Linux management and hardening

Windows information security basics

Nessus

Content Security Policy (CSP)

BurpSuite - Fundamentals

Blog

Metasploit, that pentester's swiss army knife

Sun, Oct 22, 2023

Welcome to Hakatemia's latest course! Metasploit is a popular attack framework that helps professionals identify and exploit security holes. In this course, you will go through the use of Metasploit and learn how it can be used to carry out attacks and find security holes.

Learning paths

Tue, Sep 5, 2023

Knock, knock, Neo. Follow the white rabbit... I mean the learning path!

Hakatemia now also in English!

Wed, Aug 30, 2023

Learning is more fun together!