Hack.me – Build, Host & Share Vulnerable Web Application Code


Hack.me is a FREE, community based project powered by eLearnSecurity. The community allows you to build, host and share vulnerable web application code for educational and research purposes.

It aims to be the largest collection of “runnable” vulnerable web applications, code samples and CMS’s online. The platform is available without any restriction to any party interested in Web Application Security: students, universities, researchers, penetration testers and web developers.

Hack.me - Build, Host & Share Vulnerable Web Apps

Features

  • Upload your own code
  • Online IDE for PHP & MySQL
  • Your code hosted in the cloud
  • FREE!!
  • Practice webapp security
  • Isolated enviroment
  • Online: nothing to download!

Safety

Every time you run a new Hackme the site will initiate a new sandbox for you. You will get isolated access to it so that you will always know that the application is safe for you to use. No other students can add malware or exploits in your sandbox. This ensures 99% safety.

What about the 1%? While the team makes the best effort to moderate every and each new web app uploaded on Hack.me, chances are that something can and will slip through. If you are not 100% comfortable to trust us or the Hackme developer, please just run new Hackmes from a virtual machine or from a non production OS.

We have written about a variety of web apps where you can practice your hack-fu such as:

So head over to hack.me and see what you think:

https://hack.me/

Posted in: Advertorial, Exploits/Vulnerabilities, Secure Coding, Web Hacking

, , , ,


Latest Posts:


tko-subs - Detect & Takeover Subdomains With Dead DNS Records tko-subs – Detect & Takeover Subdomains With Dead DNS Records
tko-subs is a tool that helps you to detect & takeover subdomains with dead DNS records, this could be dangling CNAMEs point to hosting services and more.
Arcane - Tool To Backdoor iOS Packages (iPhone ARM) Arcane – Tool To Backdoor iOS Packages (iPhone ARM)
Arcane is a simple script tool to backdoor iOS packages (iPhone ARM) and create the necessary resources for APT repositories.
SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.


Comments are closed.