Top 5 Places to Practice Ethical Hacking

The practice is essential for mastery of an art. Hacking is mostly an art since it’s more about how you use the tools you know and less about how many tools you know. While it might be easy to get a basic idea of what a certain technique is about during introductory phases, getting comfortable with that technique is highly improbable without hands-on practice.

Top-5-Places-to-Practice-Ethical-Hacking

The majority of ethical hacking skills can be practiced with a decent computer and an internet connection only. Some of the skills may require additional hardware like adapters and controllers. For example, WiFi hacking on Virtual Machine will require an external WiFi adapter. Similarly, RFID hacking will require an appropriate RFID kit with the scanner and key cards.

Setting up a system for practicing will require download and installation of tools. To setting up your virtual lab for practicing ethical hacking, go through this Article.

1. PortSwigger’s Web Security Academy Labs



You must have heard of BurpSuite, the tool used for penetration testing of web applications. The developers of BurpSuite now provide free of cost online training in web application security. The training contains tutorials and labs on almost every vulnerability commonly found in modern web applications. Once you are good enough, you can compete with others in solving a newly added challenge before others. They have a HOF for expert hackers and provide swag for top performers.

2. HackTheBox

HackTheBox is a collection of vulnerable applications called “machines”. Each of the machines is unique and contains a set of vulnerabilities, the hacker has to compromise it and gain the required privileges. The good thing about HTB is that a large number of machines are already there for practice and walkthrough tutorials are available in case you are stuck. New ones are added regularly containing most recently found vulnerabilities. The free version offers access to “live” machines only, old machines and walkthroughs are available on a paid subscription.

3. HackThisSite:

This one is very famous among hackers, probably because its founder got arrested for illegal cyber activities. The negative fame has helped well in marketing HackThisSite without significant efforts. HackThisSite is versatile. The hacking challenges on this site are called “missions” and are classified like:

  • Basic missions
  • Realistic missions
  • Application missions
  • Programming missions
  • Phone phreaking missions
  • Javascript missions
  • Forensic missions
  • Extbasic missions
  • Stego missions
  • Irc missions

As quoted on hackthissite.org, “You should Tune in to the hacker underground and get involved with the project”.

4. PentesterLab

One of the biggest platforms for web application security, PnetesterLabs hosts tutorials and labs on a very wide range of vulnerabilities of the web. But its quality content costs more than a decent sum. We advise you to keep checking the website for promos, as the courses can be grabbed at as little as 25% of the original price during certain promo events. PentesterLab has exercised on XSS, SQLi, XXE, CSRF, SAML related vulnerabilities, cross-site leakage, and many more.

5. HellBound Hackers

The name sounds badass, and the site lives to its name. It has articles, tutorials, hacking challenges, and a forum. You can practice web hacking, email tracking, software cracking, encryption challenges(which are decryption challenges), steganography, and even social engineering. Hell Bound Hackers have been under controversy for allegedly distributing “hacking tools”. However, this page on their site clarifies that they are providing security-related material in a legal manner.

Bonus:

Vulnhub is the hub of vulnerable virtual machines. It indexes intentionally vulnerable machines created by experts from different places. The vulnerable VMs are downloadable and can be installed on your VM hosting platform. VulnHub is popular because of its high quality and real-world application based VMs. VulnHub is diverse, as it hosts VMs based on banking web apps to basic level CTFs.

My Personal Notes arrow_drop_up

https//wwwtechwormnet

If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.


Article Tags :

3


Please write to us at contribute@geeksforgeeks.org to report any issue with the above content.