Level 1 — Low
Auth Bypass
Bypass the login screen without knowing the password.
Start Challenge
Level 2 — Low
Union Based
Use UNION SELECT to extract hidden content from other tables.
Start Challenge
Level 3 — Medium
Error Based
Force an error to leak database structure data.
Start Challenge
Level 4 — Medium
Blind Boolean
Blindly extract the secret character by character.
Start Challenge
Level 5 — Hard
WAF Bypass
Bypass a firewall blocking spaces by injecting alternate delimiters.
Start Challenge
Level 6 — Hard
Order By Injection
Inject logic into an ORDER BY clause.
Start Challenge
Level 7 — Expert
Second Order SQLi
Your registration payload triggers later when viewing your profile.
Start Challenge