Hacker-powered security leader now offers web hacking courses with replicated real-world bugs to help educate the next generation of hackers
SAN FRANCISCO-- December 4, 2018 --HackerOne, the leading hacker-powered security platform, today announced the expansion of its free online hacker training program, Hacker101 through a partnership with interactive cybersecurity training company HackEDU. Hacker101 is giving away the first of its kind sandboxed training environments, modeled after five real-world vulnerability reports. HackerOne and HackEDU are committed to empowering the hacker community by providing access to world-class training materials. The new HackEDU-developed vulnerability sandboxes are the latest in their interactive coursework available to hackers and join existing Hacker101 interactive content, coursework and capture the flag (CTF) challenges.
The first five featured vulnerability sandboxes were inspired by some of the most popular publicly disclosed reports on HackerOne’s Hacktivity. With over 6,000 vulnerability reports listed, Hacktivity is the world’s largest public activity feed of vulnerabilities found, rewarded, resolved and disclosed. The five sandboxes available feature the following replicated vulnerabilities:
- Clickjacking vulnerability that can be used to create a worm
- XXE vulnerability that can be exploited to steal files
- Remote code execution (RCE) vulnerability on a server
- SQL injection attack using sqlmap that steals data
- XSS attack that causes a user to send you data without their knowledge
These latest Hacker101 training environments were designed and developed by HackEDU for hackers or developers interested in practicing real-world hacking techniques in a safe and legal environment. Since HackerOne’s Hacker101 launched in January 2018, thousands of individuals have become better hackers by participating in the free challenges and coursework.
“Hacking is a highly sought after skill, but it is not always clear how to get started or advance to the next level. This is why we started Hacker101,” said Cody Brocious, HackerOne security researcher and Head of Hacker Education. “Now with HackEDU’s sandboxes and interactive lessons, hackers can test their skills like never before. With simulated real-world bugs -- originally discovered by top bug hunters in the community -- you will learn something new with these latest sandboxes, no matter your skill level.”
“HackEDU is proud to offer real-world applications with real-world vulnerabilities found on HackerOne’s platform,” said Jared Ablon, HackEDU’s CEO. “With this addition to HackEDU’s current offerings, users can explore how vulnerabilities manifest themselves in applications that people use everyday which enhances the learning process for both attackers and defenders.”
Hacktivity Sandboxes are now available along with HackEDU’s other current content offerings of both public vulnerabilities and Secure Development Training. All of these courses are now available for tailoring programs for software developers, security champions, and application security professionals.
New HackerOne Private Program Invites From Hacker101 CTF Flags
Hacker101 recently introduced the Hacker101 CTF as a new way for hackers to apply their skills to real-world challenges. Now finding flags in the CTF will allow hackers to directly earn invitations to ongoing private customer bug bounty programs on HackerOne. Since the launch, nearly 9,000 hackers have participated in the CTF and found over 22,000 flags. For the latest updates on Hacker101, check out the blog: https://www.hackerone.com/blog.
With over 250,000 hackers registered, HackerOne hosts the world’s largest community of trusted hackers. These hackers have earned more than $40M in bounties for reporting over 100,000 security vulnerabilities to HackerOne’s more than 1,200 customer programs, including the U.S. Department of Defense, Github, Spotify, General Motors, Starbucks and Coinbase. To start hacking today visit https://www.hackerone.com/start-hacking.
The world needs hackers now more than ever. Approximately 4.5 billion records were lost or stolen in the first six months of 2018 as a result of 945 breaches worldwide, according to recent research. By working with hackers to find unknown vulnerabilities, organizations are safely fixing security issues reported by the hacker community before they can be exploited.