SixHack Academy Offensive learning
ES Español EN English
Enter
SixHack Academy

Offensive Cybersecurity academy backed by real research.

SixHack Academy is an online ethical hacking and pentesting academy led by a security researcher with 67 published CVEs and international recognition from CERN, WHO, UNESCO, Harvard and the U.S. Department of Commerce. This isn't another theory course: we teach what we do in the real world every day.

Vulnerabilities
67CVE
Hall of Fame
17orgs
Certifications
14earned
Pillars

What defines SixHack Academy

Four principles that set us apart from generic cybersecurity training.

🎯

Content with judgment

Every module is designed from real vulnerabilities and techniques. No "textbook" examples that never show up in real audits.

🧪

Labs at the core

70% of your time is spent in the lab. SQLi, XSS, IDOR, SSRF, file upload, path traversal and more, in controlled environments.

🔬

Active research

The researcher behind the courses keeps finding and publishing vulnerabilities. Material is updated with what actually works today.

📝

Professional methodology

From finding to report: enumerate, validate, exploit, document and communicate impact. The way real audits are done.

Lead instructor

Gonzalo Aguilar García

Head of Cybersecurity at K-LAGAN · Offensive security researcher · Known in the community as 6h4ack

Computer engineer specialized in offensive security, focused on vulnerability research and real-world application auditing. Currently leads security strategy and governance at K-LAGAN, combining that role with independent research publishing and the technical direction of SixHack Academy.

His work focuses on identifying and assessing real-impact vulnerabilities, with a verifiable track record of responsible disclosure to leading international organizations and companies.

Red Team and Web/Mobile Pentesting
Application Security (AppSec)
Responsible Disclosure (CVD)
Automation with Python and Bash

Public research: published CVEs

Vulnerabilities discovered and responsibly disclosed. Each card links to the official record.

67 total CVEs
CVE-2026-5010 Medium

Reflected Cross-Site Scripting (XSS) in Sanoma’s Clickedu Summary A reflected Cross-Site Scripting (XSS) vulnerability has been discovered in Clickedu. This vulnerability allows an attacker to execute JavaScript code in…

📅 2026-03-27 CVSS 5,1
CVE-2025-41026 Medium

Multiple vulnerabilities in GDTaller Summary Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an attacker execute JavaScript code in the victim's browser by sending a…

📅 2026-03-26 CVSS 5,1
CVE-2025-41027 Medium

Multiple vulnerabilities in GDTaller Summary Reflected Cross Site Scripting (XSS) vulnerabilities in GDTaller. These vulnerabilities allows an attacker execute JavaScript code in the victim's browser by sending a…

📅 2026-03-26 CVSS 5,1
CVE-2026-4816 Medium

Reflected Cross Site Scripting (XSS) vulnerability in Support Board Summary A Reflected Cross Site Scripting (XSS) vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to execute…

📅 2026-03-25 CVSS 4,8
CVE-2026-4815 High

SQL Injection vulnerability in Support Board Summary A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via…

📅 2026-03-25 CVSS 8,7
CVE-2025-41007 Critical

SQL Injection in Cuantis Summary SQL Injection in Cuantis. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'search' parameter in the '/search.php' endpoint. Severity ?…

📅 2026-03-23 CVSS 9,3
CVE-2025-41008 Critical

SQL Injection in Sinturno Summary SQL injection vulnerability in Sinturno. This vulnerability allows an attacker to retrieve, create, update, and delete databases through the 'client' parameter in the…

📅 2026-03-23 CVSS 9,3
CVE-2025-40638 Medium

Reflected Cross-Site Scripting (XSS) in Eventobot Summary A reflected Cross-Site Scripting (XSS) vulnerability has been found in Eventobot. This vulnerability allows an attacker to execute JavaScript code in the…

📅 2026-03-09 CVSS 5,1
CVE-2025-40639 High

SQL injection in Eventobot Summary A SQL injection vulnerability has been found in Eventobot. This vulnerability allows an attacker to retrieve, create, update and delete databases through the 'promo_send' parameter in…

📅 2026-03-09 CVSS 8,7
CVE-2025-40701 Medium

Reflected Cross-Site scripting (XSS) in SOTE's SOTESHOP Summary Reflected Cross-Site Scripting vulnerability in SOTESHOP, version 8.3.4. THis vulnerability allows an attacker execute JavaScript code in the victim's…

📅 2026-02-23 CVSS 5,1
CVE-2025-40986 Medium

Reflected Cross-Site Scripting in PideTuCita Summary Reflected Cross-Site Scripting (XSS) vulnerability in PideTuCita. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending…

📅 2026-02-23 CVSS 5,1
CVE-2025-41002 Critical

SQL injection in Infoticketing Summary SQL injection vulnerability in Infoticketing. This vulnerability allows an unauthenticated attacker to retrieve, create, update, and delete the database by sending a POST request…

📅 2026-02-23 CVSS 9,3
CVE-2025-40697 Medium

Reflected Cross-Site Scripting (XSS) in Lewe WebMeasure Summary Reflected Cross-Site Scripting (XSS) vulnerability in '/index.php' in Lewe WebMeasure, which allows remote attackers to execute arbitrary code through the…

📅 2026-02-19 CVSS 5,1
CVE-2025-41023 Medium

Authentication bypass in AutoGPT de Thesamur Summary An authentication bypass vulnerability has been found in Thesamur's AutoGPT. This vulnerability allows an attacker to bypass authentication mechanisms. Once inside…

📅 2026-02-19 CVSS 6,9
CVE-2026-2735 Medium

Stored Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms Summary Stored Cross-Site Scripting (XSS) in Alkacon's OpenCms v18.0, which occurs when user input is not properly validated when sending a POST…

📅 2026-02-19 CVSS 5,1
CVE-2026-2736 Medium

Reflected Cross-Site Scripting (XSS) vulnerability in Alkacon's OpenCms Summary Reflected Cross-site Scripting (XSS) in Alkacon's OpenCms v18.0, which allows an attacker to execute JavaScript code in the victim's…

📅 2026-02-19 CVSS 5,1
CVE-2025-40644 Medium

Reflected Cross-Site Scripting (XSS) in QRGen's Riftzilla Summary Reflected Cross-Site Scripting (XSS) vulnerability in Riftzilla's QRGen. This vulnerability allows an attavker to execute JavaScript code in the victim's…

📅 2026-01-20 CVSS 5,1
CVE-2025-40679 Medium

HTML injection in Isshue from Bdtask Summary HTML Injection vulnerability in Isshue by Bdtask, consisting os an HTML injection due to a lack os proper validation of user input by sending a POST request to…

📅 2026-01-20 CVSS 5,1
CVE-2025-41081 Medium

Reflected Cross-Site Scripting (XSS) in IsMyGym Summary Reflected Cross-Site Scripting (XSS) vulnerability in IsMyGym by Zuinq Studio. This vulnerability allows an attacker to execute JavaScript code in the victim's…

📅 2026-01-20 CVSS 5,1
CVE-2026-1183 Medium

HTML injection in multiple Botble products Summary HTML injection vulnerability in multiple Botble products such as TransP, Athena, Martfury, and Homzen, consisting of an HTML injection due to a lack of proper…

📅 2026-01-20 CVSS 5,1
CVE-2025-40975 Medium

Multiple vulnerabilities in WorkDo products Summary Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's HRMGo, consisting of a lack of proper validation of user input by sending a POST request to…

📅 2026-01-12 CVSS 5,1
CVE-2025-40976 Medium

Multiple vulnerabilities in WorkDo products Summary Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's TicketGo, consisting of a lack of proper validation of user input by sending a POST request to…

📅 2026-01-12 CVSS 5,1
CVE-2025-40977 Medium

Multiple vulnerabilities in WorkDo products Summary Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a lack of proper validation of user input by sending a POST request to…

📅 2026-01-12 CVSS 5,1
CVE-2025-40978 Medium

Multiple vulnerabilities in WorkDo products Summary Stored Cross-Site Scripting (XSS) vulnerability in WorkDo's eCommerceGo SaaS, consisting of a stored XSS due to a lack of proper validation of user input by sending a…

📅 2026-01-12 CVSS 5,1
CVE-2025-41003 Medium

Multiple vulnerabilities in Imaster products Open configuration options Summary Imaster's Patient Record Management System contains a stored Cross-Site Scripting (XSS) vulnerability in the endpoint…

📅 2026-01-12 CVSS 5,1
CVE-2025-41004 High

Multiple vulnerabilities in Imaster products Open configuration options Summary Imaster's Patient Records Management System is vulnerable to SQL Injection in the endpoint ‘/projects/hospital/admin/complaints.php’…

📅 2026-01-12 CVSS 8,7
CVE-2025-41005 High

Multiple vulnerabilities in Imaster products Open configuration options Summary Imaster's MEMS Events CRM contains an SQL injection vulnerability in‘keyword’ parameter in ‘/memsdemo/exchange_offers.php’. Severity ? 8.7…

📅 2026-01-12 CVSS 8,7
CVE-2025-41006 Critical

Multiple vulnerabilities in Imaster products Open configuration options Summary Imaster's MEMS Events CRM contains an SQL injection vulnerability in ‘phone’ parameter in ‘/memsdemo/login.php’. Severity ? 9.3 (Critical)…

📅 2026-01-12 CVSS 9,3
CVE-2025-40700 Medium

Reflected Cross-Site Scripting (XSS) in Governalia by IDI Eikon Summary Reflected Cross-Site Scripting (XSS) in IDI Eikon's Governalia. The vulnerability allows an attacker to execute JavaScript code in the victim's…

📅 2025-12-02 CVSS 5,1
CVE-2025-41101 Medium

Multiple vulnerabilities in Fairsketch's RISE CRM Framework Summary HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation…

📅 2025-11-11 CVSS 5,1
CVE-2025-41102 Medium

Multiple vulnerabilities in Fairsketch's RISE CRM Framework Summary HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation…

📅 2025-11-11 CVSS 5,1
CVE-2025-41103 Medium

Multiple vulnerabilities in Fairsketch's RISE CRM Framework Summary HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation…

📅 2025-11-11 CVSS 5,1
CVE-2025-41104 Medium

Multiple vulnerabilities in Fairsketch's RISE CRM Framework Summary HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation…

📅 2025-11-11 CVSS 5,1
CVE-2025-41105 Medium

Multiple vulnerabilities in Fairsketch's RISE CRM Framework Summary HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation…

📅 2025-11-11 CVSS 5,1
CVE-2025-41106 Medium

Multiple vulnerabilities in Fairsketch's RISE CRM Framework Summary HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation…

📅 2025-11-11 CVSS 5,1
CVE-2025-41107 Medium

Stored XSS in Smart School Summary Stored Cross Site Scripting (XSS) vulnerability in Smart School 7.0 due to lack of proper validation of user input when sending a POST request to '/online_admission', wich affects the…

📅 2025-11-10 CVSS 5,1
CVE-2025-41009 Critical

SQL injection on the virtual campus platform of Diseño de Recursos Educativos Summary SQL injection vulnerability in the DRED virtual campus platform. This vulnerability allows an attacker to retrieve, create, update,…

📅 2025-10-27 CVSS 9,3
CVE-2025-40989 Medium

Stored XSS in Creativeitem Ekushey CRM Summary Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the…

📅 2025-10-02 CVSS 5,1
CVE-2025-40990 Medium

Stored XSS in Creativeitem Ekushey CRM Summary Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the…

📅 2025-10-02 CVSS 5,1
CVE-2025-40991 Medium

Stored XSS in Creativeitem Ekushey CRM Summary Stored Cross Site Scripting vulnerability in Ekushey CRM v5.0 by Creativeitem, due to lack of proper validation of user inputs via the…

📅 2025-10-02 CVSS 5,1
CVE-2025-40992 Medium

Stored XSS in Creativeitem Sociopro Summary Stored XSS vulnerability in Creativeitem Sociopro due to lack of proper validation of user inputs via the endpoint '/sociopro/profile/update_profile', affecting to 'name'…

📅 2025-10-02 CVSS 5,1
CVE-2025-10341 Medium

HTML injection in Perfex CRM Summary HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter…

📅 2025-09-29 CVSS 5,3
CVE-2025-10342 Medium

HTML injection in Perfex CRM Summary HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter…

📅 2025-09-29 CVSS 5,3
CVE-2025-10343 Medium

HTML injection in Perfex CRM Summary HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameter…

📅 2025-09-29 CVSS 5,3
CVE-2025-10344 Medium

HTML injection in Perfex CRM Summary HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters…

📅 2025-09-29 CVSS 5,3
CVE-2025-10345 Medium

HTML injection in Perfex CRM Summary HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters…

📅 2025-09-29 CVSS 5,3
CVE-2025-10346 Medium

HTML injection in Perfex CRM Summary HTML injection vulnerability in Perfex CRM v3.2.1 consisting of a stored HTML injection due to lack of proper validation of user input by sending a POST request in the parameters…

📅 2025-09-29 CVSS 5,3
CVE-2025-40725 Medium

Reflected Cross-Site Scripting (XSS) in Azon Dominator Summary Reflected Cross-Site Scripting (XSS) vulnerability in Azon Dominator. This vulnerability allows an attacker to execute JavaScript code in the victim's…

📅 2025-09-10 CVSS 5,1
CVE-2025-40641 Medium

Stored Cross-Site Scripting (XSS) in the Multi-purpose Inventory Management System Summary Cross-site Scripting (XSS) vulnerability stored in Multi-Purpose Inventory Management System, consisting of a stored XSS due to…

📅 2025-09-08 CVSS 5,1
CVE-2025-40642 Medium

Reflected Cross-Site Scripting (XSS) in WebWork Summary Reflected Cross-Site Scripting (XSS) vulnerability in WebWork, which allows remote attackers to execute arbitrary code through the 'q' and 'engine' request…

📅 2025-09-08 CVSS 5,1
CVE-2025-40730 Medium

HTML injection in Vox Media's Chorus CMS Summary HTML injection in Vox Media's Chorus CMS. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL using…

📅 2025-07-28 CVSS 4,8
CVE-2025-40724 Medium

Stored Cross-Site Scripting (XSS) in Pharmacy POS PHP Script Summary Stored Cross-Site Scripting (XSS) vulnerability in Pharmacy POS PHP Script. This vulnerability allows an attacker to execute JavaScript code in the…

📅 2025-07-16 CVSS 5,1
CVE-2025-40674 Medium

Reflected Cross-Site Scripting (XSS) in osCommerce Summary Reflected Cross-Site Scripting (XSS) in osCommerce v4. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the…

📅 2025-06-17 CVSS 5,1
CVE-2025-40726 Medium

Cross-Site Scripting (XSS) reflected in Nosto Summary Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-results-page in Nosto, which allows remote attackers to execute arbitrary code via the q GET…

📅 2025-06-16 CVSS 5,1
CVE-2025-40727 Medium

Reflected Cross-Site Scripting (XSS) in Phoenix CMS Summary A Reflected Cross Site Scripting (XSS) vulnerability was found in '/search' in Phoenix Site CMS from Phoenix, which allows remote attackers to execute…

📅 2025-06-16 CVSS 5,1
CVE-2025-40675 Medium

Reflected Cross-Site Scripting (XSS) in Bagisto Summary A Reflected Cross-Site Scripting (XSS) vulnerability has been found in Bagisto v2.0.0. This vulnerability allows an attacker to execute JavaScript code in the…

📅 2025-06-09 CVSS 5,1
CVE-2025-40628 Critical

SQL Injection in DomainsPRO Summary SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to retrieve, create, update and delete databases via the “d” parameter in the “/article.php”…

📅 2025-05-13 CVSS 9,3
CVE-2025-40626 Medium

Reflected Cross-Site Scripting (XSS) in AbanteCart Summary Reflected Cross-Site Scripting (XSS) vulnerability in AbanteCart v1.4.0, that could allow an attacker to execute JavaScript code in a victim's browser by…

📅 2025-05-12 CVSS 5,1
CVE-2025-40627 Medium

Reflected Cross-Site Scripting (XSS) in AbanteCart Summary Reflected Cross-Site Scripting (XSS) vulnerability in AbanteCart v1.4.0, that could allow an attacker to execute JavaScript code in a victim's browser by…

📅 2025-05-12 CVSS 5,1
CVE-2025-1746 Medium

Cross-Site Scripting vulnerability in OpenCart Summary Cross-Site Scripting vulnerability in OpenCart versions prior to 4.1.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by…

📅 2025-02-28 CVSS 6,1
CVE-2025-1747 Medium

HTML injection vulnerability in OpenCart Summary HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a…

📅 2025-02-28 CVSS 4,7
CVE-2025-1748 Medium

HTML injection vulnerability in OpenCart Summary HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a…

📅 2025-02-28 CVSS 4,7
CVE-2025-1749 Medium

HTML injection vulnerability in OpenCart Summary HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's browser by sending a…

📅 2025-02-28 CVSS 4,7
CVE-2025-1776 Medium

Cross-Site Scripting (XSS) vulnerability in Soteshop Summary Cross-Site Scripting (XSS) vulnerability in Soteshop, versions prior to 8.3.4, which could allow remote attackers to execute arbitrary code via the ‘query’…

📅 2025-02-28 CVSS 6,1
CVE-2025-1751 Critical

SQL Injection CIGES Summary A SQL Injection vulnerability has been found in Ciges 2.15.5 from ATISoluciones. This vulnerability allows an attacker to retrieve, create, update and delete database via $idServicio…

📅 2025-02-27 CVSS 9,8
CVE-2025-1360 Medium

Internet Web Solutions Sublime CRM HTTP POST Request inicio.php cross site scripting Summary A vulnerability, which was classified as problematic, was found in Internet Web Solutions Sublime CRM up to 20250207. Affected…

📅 2025-02-16 CVSS 5,1
CVE-2024-10332 Medium

A Cross-Site Scripting vulnerability has been found in Janto v4.3r11 from Impronta.

📅 2024-10-24 CVSS 6,1

See the full list on cve.org →

Hall of Fame and acknowledgments

Recognition for responsible disclosure and vulnerability research.

UNESCO
WHO
CERT-EU
CERN
Harvard University
Bayer
U.S. Department of Commerce
Universitetet i Oslo
Ayuntamiento de Madrid
Berlin.de
LG Electronics
Bournemouth University
Utrecht University
NCSC-NL (Dutch Gov)
BASF
EducaMadrid
GovTech Singapore

Certifications earned

Verified technical training in offensive security, red team and appsec.

OSCP
OSWE
OSEP
OSWP
CRTO
CRTP
CRTE
CARTP
CEH
eCPTXv2
eWPTXv2
eCDFP
eCTHP
eMAPT
Methodology

How the academy works

A learning flow designed to build real, reproducible skill step by step.

1

Technical fundamentals

Networking, HTTP/HTTPS, web applications and traffic flow. Without these foundations, offensive techniques are just tricks without context. We start here even if you have experience, to establish shared vocabulary.

2

Enumeration and reconnaissance

How an attacker studies a target before touching anything: surface discovery, endpoint mapping, technology identification and prioritization. Good enumeration saves hours in everything that follows.

3

Hands-on exploitation in labs

Every OWASP Top 10 vulnerability is worked in a real lab: SQL injection, XSS, IDOR, SSRF, path traversal, file upload, deserialization, SSTI... Detection, proof of concept and impact.

4

Validation and evidence

Finding a bug isn't enough: you have to prove it's exploitable and measure impact. We teach you how to build reproducible evidence that holds up in a serious audit.

5

Professional report

From findings to the final document: how to prioritize, describe risk, propose remediation and communicate usefully to both technical teams and business. The deliverable that's expected in the real world.

Who it's for

Who this academy is designed for

Three profiles that fit especially well with the SixHack Academy methodology.

🚀

If you're starting from zero

You've never done ethical hacking and you want to start with solid ground, not with 20 scattered YouTube tutorials.

  • Start with networking and web fundamentals
  • Clear progression with no technical gaps
  • Step-by-step guided labs
🔧

If you're a dev or sysadmin

You already know tech but you've never audited from the other side. Here you learn to break what you build.

  • Learn the applied offensive approach
  • Find flaws you couldn't see before
  • Your code comes out better protected
🎯

If you want to specialize

You already work in cybersecurity but want to go deeper into web hacking and real exploitation techniques.

  • Complex vulnerability chains
  • Real research cases
  • Full professional methodology
FAQ

Frequently asked questions about the academy

What people ask most about the instructor, the methodology and the courses.

Who is behind SixHack Academy?
SixHack Academy is led by Gonzalo Aguilar García (6h4ack), a computer engineer specialized in offensive security and current Head of Cybersecurity at K-LAGAN. He has 67 published CVEs and recognition from organizations including CERN, WHO, UNESCO, Harvard University and the U.S. Department of Commerce.
What makes this offensive cybersecurity academy different?
The content is designed by a researcher with a public, verifiable track record of discovering real vulnerabilities. It's not a course recorded from other courses: it's built from direct experience auditing production applications.
How long does it take to complete a course?
It depends on your level and time commitment. Courses have no deadline: you can move at your own pace, pause, come back and access the labs whenever you need. Access is lifetime.
Is there direct instructor support?
Yes. One of the real advantages of the academy is direct access for questions, feedback on your findings and technical guidance. It's not a pre-recorded video where you're left alone with a blocker.
What topics do the courses cover?
Full offensive cybersecurity: networking fundamentals, HTTP/HTTPS, enumeration and reconnaissance, OWASP Top 10 with its variants (SQLi, XSS, IDOR, SSRF, file upload, path traversal), web exploitation techniques, professional Burp Suite usage, audit methodology and report writing.

Start training in offensive cybersecurity

Browse the catalog, pick your course and start practicing with real labs today.

View courses Try free labs