Hacking without going to jail !


You ever wondered how breaking into computers feels? according to TV . . .

Hmmm.. nop, you got it so wrong again Hollywood!

Many finish university with a degree and all the foundations required to be great security engineers. Either you want to start a career as a Penetration Tester or you are a Developer and want to expand yourself more about security or simply because you are curious enough then you should try some of the following. The following is selection of projects that designed vulnerable applications to demonstrate security vulnerabilities that are common in the wild, usually in their simplest form penetration easy and some practical examples of vulnerabilities in their simplest found.

1. Webgoat

After OWASP Webgoat 5.0, the newly released version offers a more user-friendly interface and an almost complete selection of security topics in web application secure coding. In addition no installation is required, code is compressed in .jar format and can be run through java.

Vulnerabilities : OWASP Top 10
Tips : Yes
Solutions : No
Project: owasp.org/index.php/Category:OWASP_WebGoat_Project
Format: .jar
Download: github.com/WebGoat/WebGoat-Legacy/releases

Quick Start:

java -jar WebGoat-6.1.0-exec-war.jar

2. Damn Vulnerable Web Applications (DVWA)

Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.

Vulnerabilities : OWASP Top 10
Tips : Yes
Solutions : No
Project: owasp.org/index.php/OWASP_Vulnerable_Web_Applications_Directory_Project
Format: PHP/SQL
Download: github.com/RandomStorm/DVWA

Quick Start:

The easiest way to install DVWA is to download and install 'XAMPP' if you do not already have a web server setup. 

XAMPP can be downloaded from: www.apachefriends.org/en/xampp.html

Simply unzip dvwa.zip, place the unzipped files in your public htm folder, 
then point your browser to

Continue reading