5 sites to learn how to ethically hack

If you are an ethical hacker and want to test your skills, check out these five sites that provide you with a sandbox to log in and try to hack them legally.

1. Google Gruyere
The Google Gruyere is Google's attempt to get into the world of hacking. The Google Gruyere website is full of holes and so is using it the word "Gruyer" (gruyere), which is a Swiss cheese. Even the has a cheese themed wallpaper in the background!

Once you get started, Google Gruyere will give you some challenges to run. It has a deliberately weak and vulnerable code to exploit. The problems underline these weak areas and give you a goal to accomplish.

If you are stuck on how to complete a challenge, don't worry. Each mission comes with some tips to help you move in the right direction. If you still can't move on, you can look at the solution and apply it yourself to get a sense of how this hack works.

2. HackThis
The site HackThis, is trying to give you a "real" mission.

It has a wide variety of challenges in different categories. There are fundamental challenges and difficult challenges to try, depending on your skill level. If you want to try disabling plain CAPTCHA codes, there is an entire section for that.

There is even a "real" category that includes fun fictional scenarios where you have to hack a website for your customer.

The best part about HackThis is the hints it offers. Each puzzle has a special tips page where you can talk to forum members and discuss where you are wrong. Members will never give you the solution so you can understand for yourself what you need to do.

3. bWAPP
While hacking sites are useful, there are some bugs and some exploits that they can't cover. For example, these sites may not ask you for challenges that would result in you downloading the site itself. If they did, no one else would be there later!

Ως εκ τούτου, είναι καλύτερα να επιχειρήσετε μία καταστροφική σε έναν δικό σας server που έχετε δημιουργήσει εσείς, έτσι ώστε να μην κάνετε ζημιά σε ιστοσελίδες άλλων ανθρώπων. Αν ενδιαφέρεστε για αυτό το σκέλος της πειρατείας, δοκιμάστε την buggy web application (bWAPP).

The main feature of the bWAPP application is the huge number of errors. It has over 100 errors, ranging from DDoS vulnerabilities to Heartbleed vulnerabilities Bugs in HTML5 ClickJacking. If you want to know about a particular vulnerability, there is a good chance you can find it at bWAPP.

When you want to try it, download it for free and run it on which you have set a goal. Once it's running, you can launch attacks without worrying about some pesky webmaster trying to stop you.

4. OverTheWire
The OverTheWire features wargames and warzones with the most advanced hacking attacks. Wargames are unique hacking scenarios, usually with little history, to be more plausible. Wargames can be a competitive event between hackers, either as a race or as an attacker on each other's servers.

While this may sound complicated and scary, don't worry. The site still has courses ranging from the basics to the more advanced . It requires a Secure Shell (SSH) connection, so be sure to learn SSH if you want to try OverTheWire. Fortunately, there are easy ways to configure SSH in Windows, so it shouldn't be too big of an obstacle.

OverTheWire has three main uses. First, you can play through small ones with increasing difficulty, to learn how to hack. Once you gain some skill, you can download wargames with unique backstories for a more immersive experience.

There is also Warzone, which is a dedicated network, designed to work exactly like an IPV4 Internet. The they can place sensitive devices on this network and others can use them to practice their piracy skills.

At the time of writing this article, there is an exercise that replicates his hack Kevin Mitnick at Tsutomu Shimomura, 1995. Now you can put yourself in Mitnik's position and see if you can break the safety yourself!

5. Hack This Site
Another site that invites you to is Hack This Site and is an amazing source of learning. It ranges from beginner-oriented courses to dedicated phone hosting s for phone phreak attacks.

Some of the missions have a short story to keep you interested in the lessons. For example, users in the basic lesson will join Network Security Sam. Sam is a man who stubbornly refuses to save the code on his website, so he has to remember it. But every time you break his security and discover his code, he adds more security to his website.

"Realistic" exercises are also enjoyable. These are fake websites created to teach you to hack with a specific goal. They range from hitting a voting system to put someone first on the preference list or delete the of some spiritual people, such as poets, etc.

Each puzzle comes with a special thread in the forums where you can get help. Problems and discussions have been around for a long time, and users have posted a lot of useful information. Again, no one will tell you clearly the solution to every challenge. But if you are willing to do some , you will find their tips quite useful to solve the puzzle.

Do these sites promote illegal piracy?
As you browse through these websites, you may realize that various malicious people can use exactly the same, malicious skills. For example, some of the "realistic" missions are intended to break a library system or voting website for the best music band. It is easy to assume that these websites train the scammers to become better at their jobs.

The truth is, if these sites did not exist, hacker scammers could get relevant lessons and help from Dark web. Meanwhile, website developers, the people who need to learn hacking techniques to protect themselves, have a chance to learn and try these hacking techniques.

It's like a knife. In the hands of a surgeon he performs miracles, while in the hands of a robber he becomes a deadly tool. Therefore, by publishing this information, it gives developers the practice they need to secure their websites.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by Dimitris

Dimitris hates on Mondays .....

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).