Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
hackxor is a Web application hacking practice game designed to help players of different skill levels improve their security skills. The site lists multiple missions, such as Balance Check, Asset Management, CTRL+Z, and Firewall Bypass, with details including rewards, clients, required experience, and release dates. Its core appeal is that the missions are based on real vulnerabilities personally discovered by creator albinowax during penetration testing, bug bounty work, and security research. As a result, it feels more like a realistic target range than a traditional recorded course.
The subject matter focuses on Web application security, penetration testing, bug bounties, and vulnerability research. The teaching format does not appear to involve live classes, recorded videos, or 1-on-1 instruction; instead, users explore online missions independently. Mission difficulty ranges from None and Basic to Moderate, Extensive, and Researcher, covering everyone from beginners to more advanced researchers. The site uses instance isolation: each player gets an independent instance, so their actions do not affect others. Instances can also be shared via invitation links, which is helpful for security practice.
In terms of pricing, the author clearly states that the plan is to keep hackxor free forever. No paid plans or payment methods are currently mentioned, and there is no certification, completion certificate, or career training endorsement. If traffic grows in the future, operations may be supported through recruitment ads from security companies. For learners with limited budgets who value hands-on practice, this is a clear advantage; however, if you need certificates, course proof, or enterprise training delivery, the available information is insufficient.
The strengths are that it is free, driven by real-world vulnerabilities, offers difficulty tiers, and uses independent instances to reduce the risk of disruption. It is well suited for training independent analysis, exploitation skills, and Web security thinking. The drawbacks are also clear: the main content does not show a structured learning path, instructor explanations, video courses, Q&A community, or customer support. The FAQ also says players are discouraged from publishing writeups, which may reduce the availability of public learning materials. Automated scanning is not required; if used, it should be limited to one request per second.
hackxor is better suited to Web security learners, CTF players, penetration testing trainees, and beginner bug bounty hunters who already have some English reading ability and are willing to learn through hands-on challenges. It is less suitable for people who want chapter-based lessons, Chinese-language explanations, certificates, or mentor guidance. The main content does not specify access from China, network stability, or payment methods; since it is free, payment is not involved. It can serve as a supplementary practice platform alongside PortSwigger Web Security Academy, Hack The Box Academy, TryHackMe, and similar services.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on hackxor.net official site.
hackxor.net is an Unknown pentest provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach hackxor.net directly.