Want to learn web application hacking on the fly? What if there is a platform that has almost all the vulnerable web apps for you to test, play and research about web application security? What if you don't have to pay a single dime for this application? What if you don't have to worry about running vulnerable web apps in your own machine and get hacked by others while you are learning to hack? Well, wait no more as the platform is here.
Well as we know there are websites such as hack-me.org or wablab.com for you to learn about hacking. But as we know it is all web based and shared among few other hundred users who are in the verge of learning about web security flaws as well. However, Hack-Me is a bit different. It has the platform, you choose which vulnerable web app that you want to play around for example, maybe Mutillidae and once you click Run, Hack-Me would create an individual private sandbox for you with a specific URL and you can use all the tools in the world to play around it. Unless you share that particular sandbo url with anyone, you will be the sole person who will be using it with no interference. Cool eh! That's what makes it different from other web hacking platform that are out there. Kudos eLearnSecurity for this brilliant idea.
The feature does not stop there. If at all you have your own vulnerable web app that you feel worth sharing, or you wanted to share a vulnerable web app that you found in the Net, Hack-Me gives you the privilege to upload those file and create a new vulnerable web app in their server. How cool is that. I have not tried the functionality yet but I feel it won't be that hard to achieve that as well. A complete video on how to do that is described when one of the founder of Hack-Me, Armando Romeo presented it at OWASP APPSEC USA New York 2013 (Link given below).
I have tried Mutillidae Web App in this platform and it works like a charm. I am still exploring and sharing the word around about this new platform. Well Hack-Me is still in its beta stage and the developers & community are really working very hard to give the best for IT security lovers. I have no any kind of affiliation with eLearnSecurity or whatsoever (in case you are wondering why am I talking about them so much) but hey it's not that bad to compliment some things that are done and available for free to the public with a good intention right. Well this is just an information sharing session. Well that's all from me. Try it out (Link fo the website will be given below) and let me know how is it. Follow me in Twitter at @SecurityBazinga. Share my blog if you feel it's worth sharing. Till next post. Take Care folks!
Links
No comments:
Post a Comment