GOOD HACKING WEBSITE TO HELP YOU

Viewing 10 reply threads
  • Author
    Posts
    • #6625
      CTRLS
      Participant

      This website will help you figure out how advanced you in your hacking abilities. If your a new to hacking the website can really help you out alot, currently iv been testing myself with this site so just give it a try

      Hackthissite.org <


      this is the website

    • #41151
      MaXe
      Participant

      @CTRLS wrote:

      This website will help you figure out how advanced you in your hacking abilities. If your a new to hacking the website can really help you out alot, currently iv been testing myself with this site so just give it a try

      Hackthissite.org <


      this is the website

      That website will not help you to become a hardcore hacker. The challenges are okay, and nice for beginners, but often not _very_ realistic. (I often use 0days in Web Applications, where I may have to create a duplicate of the target, and make it as realistic as possible and of course anticipate various security controls.)

      If you want something hard, go for Cracking the Perimeter by Offensive Security and do the OSCE test. That will measure “how advanced” you are in your hacking abilities. Same with OSCP. If you can complete OSCP, you’re a hacker, if you can complete OSCE, you’re quite good imho. (The exam requires a high amount of creativity, skill, and pain resistance.)

      For beginners, there’s a lot better resources. The reason why I say that, is because A LOT of these challenges are way too unrealistic, such as but not limited to various “Cyber Challenges”, offered by a large amount of companies and organizations each year to find potential pentesters.

      So what are the better (free) resources?  If you’re going into “website hacking” aka Web Application Security:
      1) Learn all the fundamentals such as: HTML, CSS and basic JavaScript.
      2) Learn PHP or ASP (or any other server language that serves websites, but PHP is often the easiest and most used choice.)
      3) Learn how to find vulnerabilities in PHP code, write vulnerable code yourself, exploit it, write a patch, enjoy.
      4) Download various web applications, preferably not widely used ones as they are often more secure. Install these, fuzz them or review the code and find 0days in them.
      5) Use that knowledge responsibly. It’s that simple, but it takes time to become good at it.

      If you just want resources, try the forums at intern0t.net, the Metasploit Unleashed project by Offensive Security, and SecurityTube. HackThisSite has indeed existed for a very long time, and so has Myspace, that doesn’t mean it is realistic to use.  No offense intended to any parties.

    • #41152
      CTRLS
      Participant

      Well sorry i was only trying to help :

    • #41153
      impelse
      Participant

      @CTRLS wrote:

      Well sorry i was only trying to help :

      CTRLS, please do not feel sorry, the site that you mention is ok (I used in the past), the thning is that normally when somebody suggest a site other people wants to know about that site and how to progrees in the ethical hacker arena. So MaXe try to give more info

    • #41154
      MaXe
      Participant

      @CTRLS wrote:

      Well sorry i was only trying to help :

      No need to be sorry, I was just sharing my opinion about the quality of that website, compared to other resources, that would probably benefit beginners in web application security a lot more.  😉

      @impelse wrote:

      So MaXe try to give more info

      Here’s more of the same info I posted right above.

      So what are the better (free) resources?  If you’re going into “website hacking” aka Web Application Security:
      1) Learn all the fundamentals such as: HTML, CSS and basic JavaScript.
      2) Learn PHP or ASP (or any other server language that serves websites, but PHP is often the easiest and most used choice.)
      3) Learn how to find vulnerabilities in PHP code, write vulnerable code yourself, exploit it, write a patch, enjoy.
      4) Download various web applications, preferably not widely used ones as they are often more secure. Install these, fuzz them or review the code and find 0days in them.
      5) Use that knowledge responsibly. It’s that simple, but it takes time to become good at it.

      If you just want resources, try the forums at intern0t.net, the Metasploit Unleashed project by Offensive Security, and SecurityTube. HackThisSite has indeed existed for a very long time, and so has Myspace, that doesn’t mean it is realistic to use.  No offense intended to any parties.

    • #41155
      CTRLS
      Participant

      alright i just thought you were trying to talk shit or put me down….i was just trying nto help other

      hey do you know any website sites where i could download the language C

    • #41156
      Quote
      Participant

      Hey there, what is your opinion of the following sites?

      http://www.overthewire.org/wargames/
      http://smashthestack.org/faq.php
      http://osix.net

      The former two have SSH wargames, and I was wondering how similar they were to Offensive Security’s offerings. OSIX is a little more of a mainstream hacker game, with more coding and reverse engineering, and a bit of steganalysis. Also, they’re bringing back Cyberarmy.

      Anyway, I’m looking to enter the pen testing industry and would like to know about any other good kind of playgrounds like these.

    • #41157
      MaXe
      Participant

      @Quote wrote:

      Hey there, what is your opinion of the following sites?

      http://www.overthewire.org/wargames/
      http://smashthestack.org/faq.php
      http://osix.net

      The former two have SSH wargames, and I was wondering how similar they were to Offensive Security’s offerings. OSIX is a little more of a mainstream hacker game, with more coding and reverse engineering, and a bit of steganalysis. Also, they’re bringing back Cyberarmy.

      Anyway, I’m looking to enter the pen testing industry and would like to know about any other good kind of playgrounds like these.

      Tough challenges, but no bad opinions!  ;D

      If you want something fun, look out for challenges by Offensive Security:
      http://www.information-security-training.com/blog/
      http://www.offensive-security.com/blog/

      And perhaps more HaXx.Me’s will be coming soon:
      http://forum.intern0t.net/intern0t-contests/

      (You can watch some of the solution videos at http://intern0t.blip.tv )

    • #41158
      rattis
      Participant

      Personally, what I use (and try to abuse) to build my skills:
      Damn Vulnerable Web App (maintained one of the forum members)
      Damn Vulnerable Linux
      OWASP
      De-ICE

      There is another one I came across for web apps, I remember it was a collection with one being a Bank. I think I came across it In Hacking Exposed Web Apps, but I can’t remember what it was called.

    • #41159
      MaXe
      Participant

      @chrisj wrote:

      There is another one I came across for web apps, I remember it was a collection with one being a Bank. I think I came across it In Hacking Exposed Web Apps, but I can’t remember what it was called.

      HackMe 😉

      List of more similar good apps:
      – HackMe Bank
      – MackMe Books
      – WebMaven
      – WebGoat

      WebGoat is made by Owasp and is quite good, however at some points, not 100% realistic and it could work better, but overall it’s quite good.  🙂

    • #41160
      Quote
      Participant

      Thanks, guys! This should keep me busy.

Viewing 10 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2021 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?