Hack.Me – Hack Away White Hat Style

What is your first association when somebody says “hackers”? To some of us it is the movie of the same title with Angelina Joile and Jonny Lee Miller. However, just like in the movie, many people have very negative connotations with the word. Of course, all knowledge can be used in a bad and in a good way-  always depends on who is using it. But today, let’s talk about the good kind of hackers, so called white hats. And what do good people do? They help each other. So let’s talk about Hack.Me.

It Is Not a Hack

Hack.Me is a free community based project powered by eLearnSecurity. You can think of it as a platform where the community can build, host and share vulnerable web application code for educational and research purposes. The platforms is available without any restriction to any party interested in Web Application Security: students, universities, researches, penetration testers and web developers. It aims to be the largest collection of “runnable” vulnerable web applications, code samples and CMS’s online.

Every time you run a new hackme they will instantiate a new sandbox for you. You will get isolated access to it, so you know that the application is safe for you to use. No one else can add malware or exploits to it. You also own any copyright over the material uploaded to the website, but by uploading your “hackme”, you give the permission to host it, share it and use it for the purposes set forth by Hack.Me.

You can also upload any third party hackme, as long as the third party hackme is licensed with GPL, LGPL or any similar licensing mechanism that allows it to be freely shared. Any hackme you upload is your responsibility and you are also responsible for any copyright infringement in your uploads so make sure you have the rights before uploading them. At any time you decide, you can delete your hackme without any warning.

What You Can And Can’t Do

All of the pages are moderated. Community also has the chance to report abuses in case of hidden or suspicious contents are hosted on our website. It is not allowed to include advertisement of any kind within your hackme. Just like theInternet should be, it is all free, but some common courtesy and morals apply, and if they are not obeyed, you will suffer the wrath of other users.

When you make your hackme public, you give the rights to show your web application to the world. Everyone will be able to search, run and practice offensive techniques against it. If you wish to keep it to yourself you should use the ‘Only me’ visibility level where hackme will not be searchable or visible to anybody except you.

Community Spirit

For now the whole concept is working, the community understands what is it for and anyone who wants to use it can get a positive feedback. If you are thinking about launching your app, but you don’t have any sources to double check it from an angle that is not yours, this is the place to go. But there are also many things that could be considered fun and educational, so if you are firs timer coding waters, this is a welcoming place.

Hack.Me is a great starting point if you want to get hacked, in a best way possible. Test things out, get a second opinion. Then it can become even more than just your starting point. Meet new people, discuss ideas and mingle. Enjoy community!