Skip to main content

Useful Online Resources for New Hackers

  • March 8th , 2016

Image from The Waiting Room, Episode 3 by Bat in the Sun

HackerOne likes to spend time talking to active hackers and people who are interested in learning how to hack. Just last week, a hacker in his early teens was awarded his first bounty. The best part: he taught himself to hack by reading public disclosure reports on HackerOne. Many of the best hackers are self-taught and this is one of the truly unique aspects of this skillset.

Hackers not only make the Internet safer, they can earn monetary rewards, or bounties ($$$), for their work. You can even turn security work you do in your spare time into a full fledged career. Imagine being a security consultant for a video game company, or prevent attackers from disrupting your favorite social network or apps on your phone.

Hackers have the opportunity to help protect organizations like General Motors, Twitter, Vimeo, Square, HackerOne and soon even the Pentagon.

Getting Started Is Easier Than You May Think

Many developers and younger people don't realize they often have a hacker skillset already! The best hackers are curious and find clever ways around obstacles in systems. The good news? There is a huge knowledge base out there to help you.

Here are a few quick free resources that you may find useful. The material ranges from technical, to ethical consideration, and even tools. By utilizing one (or all) of these offerings you can help increase your hacking knowledge.

Cybrary
Cybrary offers a broad based free platform for cyber security training. It's a great place to start even if you already have some knowledge.

https://www.cybrary.it/

Hackers Online Club
Hackers Online Club also has a similar offering that goes even further in discussing many forensic and security tools with an eye towards the ethical concepts of hacking.

http://www.hackersonlineclub.com/online-ethical-hacking-training/

Bug Hunter University
Google's Bug Hunter University is another great resource that was created by the Google Security Team. It is particularly good for use in creating great vulnerability reports.

https://sites.google.com/site/bughunteruniversity/

HackerOne Public Disclosures

There's no better resource than actually looking at closed reports. To that end HackerOne and our customers strive to make our best examples public. You can find a list of HackerOne publicly disclosed reports here:

http://h1.nobbd.de/

Damn Vulnerable Web Application (DVWA)
DVWA is a PHP/MySQL web application that is damn vulnerable designed to help security professionals test their skills and tools in a legal environment and help web developers better understand the processes of securing web applications.

http://www.dvwa.co.uk/

Additional Resources

At HackerOne, everyday we see the benefits that hacking provides in making us all safer online. We believe these resources can help you expand your knowledge about the field and contribute!

If you're a hacker and recommend other resources, please send it to hackers@hackerone.com. I will update the blog post as new ones come in that people find helpful.

Recent articles

Bug Bounty Field Manual: The Definitive Guide for Planning, Launching, and Operating a Successful Bug Bounty Program

H1-415 Hackathon Delivers to Customers, Community, and Hackers

Just a few short weeks ago, an elite group of hackers huddled in conference rooms in a San Francisco high-rise…

Introducing CWE-based Weaknesses

HackerOne updated their vulnerability taxonomy to include a more complete weakness suite based on the industry-…