Useful Online Resources for New Hackers
Image from The Waiting Room, Episode 3 by Bat in the Sun
HackerOne likes to spend time talking to active hackers and people who are interested in learning how to hack. Just last week, a hacker in his early teens was awarded his first bounty. The best part: he taught himself to hack by reading public disclosure reports on HackerOne. Many of the best hackers are self-taught and this is one of the truly unique aspects of this skillset.
Hackers not only make the Internet safer, they can earn monetary rewards, or bounties ($$$), for their work. You can even turn security work you do in your spare time into a full fledged career. Imagine being a security consultant for a video game company, or prevent attackers from disrupting your favorite social network or apps on your phone.
Getting Started Is Easier Than You May Think
Many developers and younger people don't realize they often have a hacker skillset already! The best hackers are curious and find clever ways around obstacles in systems. The good news? There is a huge knowledge base out there to help you.
Here are a few quick free resources that you may find useful. The material ranges from technical, to ethical consideration, and even tools. By utilizing one (or all) of these offerings you can help increase your hacking knowledge.
Cybrary offers a broad based free platform for cyber security training. It's a great place to start even if you already have some knowledge.
Hackers Online Club
Hackers Online Club also has a similar offering that goes even further in discussing many forensic and security tools with an eye towards the ethical concepts of hacking.
Bug Hunter University
Google's Bug Hunter University is another great resource that was created by the Google Security Team. It is particularly good for use in creating great vulnerability reports.
HackerOne Public Disclosures
There's no better resource than actually looking at closed reports. To that end HackerOne and our customers strive to make our best examples public. You can find a list of HackerOne publicly disclosed reports here:
Damn Vulnerable Web Application (DVWA)
DVWA is a PHP/MySQL web application that is damn vulnerable designed to help security professionals test their skills and tools in a legal environment and help web developers better understand the processes of securing web applications.
At HackerOne, everyday we see the benefits that hacking provides in making us all safer online. We believe these resources can help you expand your knowledge about the field and contribute!
If you're a hacker and recommend other resources, please send it to firstname.lastname@example.org. I will update the blog post as new ones come in that people find helpful.