HackerOne, HackEDU Partner Up
December 5, 2018
HackerOne has expanded its free online hacker training program, Hacker101 through a partnership with interactive cybersecurity training company HackEDU. Hacker101 is giving away the first of its kind sandboxed training environments, modeled after five real-world vulnerability reports. HackerOne and HackEDU are committed to empowering the hacker community by providing access to world-class training materials. The new HackEDU-developed vulnerability sandboxes are the latest in their interactive coursework available to hackers and join existing Hacker101 interactive content, coursework and capture the flag (CTF) challenges.
The first five featured vulnerability sandboxes were inspired by some of the most popular publicly disclosed reports on HackerOne’s Hacktivity. With over 6,000 vulnerability reports listed, Hacktivity is the world’s largest public activity feed of vulnerabilities found, rewarded, resolved and disclosed. The five sandboxes available feature the following replicated vulnerabilities:
Clickjacking vulnerability that can be used to create a worm XXE vulnerability that can be exploited to steal files Remote code execution (RCE) vulnerability on a server SQL injection attack using sqlmap that steals data XSS attack that causes a user to send you data without their knowledge
These latest Hacker101 training environments were designed and developed by HackEDU for hackers or developers interested in practicing real-world hacking techniques in a safe and legal environment. Since HackerOne’s Hacker101 launched in January 2018, thousands of individuals have become better hackers by participating in the free challenges and coursework.
“Hacking is a highly sought after skill, but it is not always clear how to get started or advance to the next level. This is why we started Hacker101,” said Cody Brocious, HackerOne security researcher and Head of Hacker Education. “Now with HackEDU’s sandboxes and interactive lessons, hackers can test their skills like never before. With simulated real-world bugs -- originally discovered by top bug hunters in the community -- you will learn something new with these latest sandboxes, no matter your skill level.”
“HackEDU is proud to offer real-world applications with real-world vulnerabilities found on HackerOne’s platform,” said Jared Ablon, HackEDU’s CEO. “With this addition to HackEDU’s current offerings, users can explore how vulnerabilities manifest themselves in applications that people use everyday which enhances the learning process for both attackers and defenders.”
Hacktivity Sandboxes are now available along with HackEDU’s other current content offerings of both public vulnerabilities and Secure Development Training. All of these courses are now available for tailoring programs for software developers, security champions, and application security professionals.