Where can I learn various hacking techniques on the web?

Question

I would like to try my hand at hacking -- that is, exploiting various website vulnerabilities. Not for any illegal purpose mind you, but so I can have a better understanding and appreciation of these exploits while writing my own web software.

I seem to recall that there was a community that hosted a bunch of demo websites, and you had to find and exploit certain vulnerabilities with each one. I can't remember what it is called but this is the sort of thing I am looking for -- I have read a tonne of little XSS and CSRF examples but have yet to find a real-life hands-on example of one.

Does anyone know of such a place, where I can be given an example page and look for security holes? I would really rather not try this with actual websites, I don't want to break any laws.

score 6 · Accepted Answer · answered Mar 23 '10 at 21:44

6

HackThisSite is a great place to practice the basics of web hacking.

answered Mar 23 '10 at 21:44

Dentrasi

11,325

score 2 · Answer 2 · answered Mar 23 '10 at 21:42

2

http://www.hak5.org/ there are a lot of useful hacking tutorials on that site. very good!

answered Mar 23 '10 at 21:42

jburke

312

score 1 · Answer 3 · answered Mar 23 '10 at 21:51

I can recommend Semtex and I think it is a good match for what you want to do.

From the abstract:

This network is a legal environment where you can learn coding/hacking techniques without destroying anything. You have to solve Semtex 0 to get a username/password for login. Once logged in, you have to make your way from one level to the next, each one containing a small security hole/feature that has been installed for you. Your mission is to find out how to exploit the weakness and to cause interesting behaviour :)

Rules? Well you can do anything you want on this box, code, hack, learn, ... its all there for gaining knowledge.

Where can I learn various hacking techniques on the web?

3 Answers3