Hacker-powered security leader now offers web hacking courses with replicated real-world bugs to help educate the next generation of hackers
Singapore, @mcgallen #microwireinfo, December 5, 2018 — HackerOne, the leading hacker-powered security platform, today announced the expansion of its free online hacker training program, Hacker101 through a partnership with interactive cybersecurity training company HackEDU. Hacker101 is giving away the first of its kind sandboxed training environments, modeled after five real-world vulnerability reports. HackerOne and HackEDU are committed to empowering the hacker community by providing access to world-class training materials. The new HackEDU-developed vulnerability sandboxes are the latest in their interactive coursework available to hackers and join existing Hacker101 interactive content, coursework and capture the flag (CTF) challenges.
The first five featured vulnerability sandboxes were inspired by some of the most popular publicly disclosed reports on HackerOne’s Hacktivity. With over 6,000 vulnerability reports listed, Hacktivity is the world’s largest public activity feed of vulnerabilities found, rewarded, resolved and disclosed. The five sandboxes available feature the following replicated vulnerabilities:
- Clickjacking vulnerability that can be used to create a worm
- XXE vulnerability that can be exploited to steal files
- Remote code execution (RCE) vulnerability on a server
- SQL injection attack using sqlmap that steals data
- XSS attack that causes a user to send you data without their knowledge
These latest Hacker101 training environments were designed and developed by HackEDU for hackers or developers interested in practicing real-world hacking techniques in a safe and legal environment. Since HackerOne’s Hacker101 launched in January 2018, thousands of individuals have become better hackers by participating in the free challenges and coursework.
“Hacking is a highly sought after skill, but it is not always clear how to get started or advance to the next level. This is why we started Hacker101,” said Cody Brocious, HackerOne security researcher and Head of Hacker Education. “Now with HackEDU’s sandboxes and interactive lessons, hackers can test their skills like never before. With simulated real-world bugs — originally discovered by top bug hunters in the community — you will learn something new with these latest sandboxes, no matter your skill level.”
“HackEDU is proud to offer real-world applications with real-world vulnerabilities found on HackerOne’s platform,” said Jared Ablon, HackEDU’s CEO. “With this addition to HackEDU’s current offerings, users can explore how vulnerabilities manifest themselves in applications that people use everyday which enhances the learning process for both attackers and defenders.”
Hacktivity Sandboxes are now available along with HackEDU’s other current content offerings of both public vulnerabilities and Secure Development Training. All of these courses are now available for tailoring programs for software developers, security champions, and application security professionals.
New HackerOne Private Program Invites From Hacker101 CTF Flags
Hacker101 recently introduced the Hacker101 CTF as a new way for hackers to apply their skills to real-world challenges. Now finding flags in the CTF will now allow hackers to directly earn invitations to ongoing private customer bug bounty programs on HackerOne. Since the launch, nearly 9,000 hackers have participated in the CTF and found over 22,000 flags. For the latest updates on Hacker101, check out the blog: https://www.hackerone.com/blog
With over 250,000 hackers registered, HackerOne hosts the world’s largest community of trusted hackers. These hackers have earned more than $40M USD in bounties for reporting over 100,000 security vulnerabilities to HackerOne’s more than 1,200 customer programs, including the U.S. Department of Defense, Github, Spotify, General Motors, Starbucks and Coinbase. To start hacking today visit https://www.hackerone.com/start-hacking.
The world needs hackers now more than ever. Approximately 4.5 billion records were lost or stolen in the first six months of 2018 as a result of 945 breaches worldwide, according to recent research. By working with hackers to find unknown vulnerabilities, organizations are safely fixing security issues reported by the hacker community before they can be exploited.
HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be exploited. More Fortune 500 and Forbes Global 1000 companies trust HackerOne than any other hacker-powered security alternative. The U.S. Department of Defense, General Motors, Google, Twitter, GitHub, Nintendo, Lufthansa, Panasonic Avionics, Qualcomm, Starbucks, Dropbox, Intel, the CERT Coordination Center and over 1,200 other organizations have partnered with HackerOne to resolve over 86,000 vulnerabilities and award over $40M in bug bounties. HackerOne is headquartered in San Francisco with offices in London, New York, the Netherlands, and Singapore. For a comprehensive look at the industry based on the largest repository of hacker reported vulnerability data, download the The Hacker-Powered Security Report 2018.
HackEDU provides best in class interactive cybersecurity training by teaching both offensive and defensive techniques, offering safe & legal environments for real exploration, and effectively lowering barriers to learn security. Hundreds of customers trust HackEDU to train their software developers, engineers, and IT personnel to write safer code through hands-on secure coding training. For a look at HackEDU’s training offerings visit Secure Development Training.