Hack.me is a FREE community project powered by eLearnSecurity. The community can create, host, and share code from vulnerable web applications for educational and research purposes.
It aims to be the largest collection of vulnerable “executable” web applications, code samples, and online CMS. The platform is available without any restriction to any party interested in the security of web applications: student universities pentesting testers, Internet site developers, etc..
Hack.me is not a virtual lab. It’s not a place where you learn an app or an environment. There is also no software you download. And finally, it’s not a hacking platform. It’s a test.
Exploring the examples of hack.me
Users can run and practice offensive techniques against vulnerable new web applications provided by the community. Users will be able to practice the OWASP Top 10, testing CMS vulnerabilities, verifying the latest exploits. Vulnerable web applications, called hackmes, run in a sandboxed, user-isolated environment provided by the Coliseum Framework.
By clicking on Explore we will see a series of projects that exploit various security flaws and that we can test.
The page has a number of projects performed by users where you try to show vulnerabilities. It contains challenges about file inclusion, file upload, SQL injection, code injection, and more. First we have to create a sandbox.
If you work on Wordpres you can search for vulnerabilities in this content manager. When you click and type wordpress in the search box and find the following:
Creating a sandbox
A sandbox is a demilitarized zone in which we can test our hacker techniques. It is a mechanism to run programs safely and separately without implications on others. A room for us to test and destroy everything we want without causing damage.
Learn more at https://hack.me. Now is your turn and use your hacker skills.