In the next weeks I would like to hack a website together with you in order to have a deep look into the web security area.

It will be shown how hackers are trying to execute code on a website and which  typical problems can occur in case a programmer writes code for a highly dynamical website. Additionally cross site scripting will be explained on real life example.

Isn’t it illegal?

Well, in general it would be. But in our case we will hack  a website on our own machine.

Therefore I will introduce you in the first article to an Web Application which is vulnerable. This application can be downloaded as some kind of an disk image from the Internet. It is legal and free to use. But please be aware to not put this application to a computer which can be accessible through the Internet. The application is so vulnerable that an attacker on the Internet could easily get full access to your computer.

This application has been developed for training purpose in order to teach developers how a hacker is thinking and how easy it can be for an attacker to do harmful things.

To prepare yourself in advance, I recommend to install Virtual Box which is a free to use virtualization system, which can boot ISO images (a file representing the content of a CD/DVD) and is able to  run on Windows, Linux, OS X or Solaris.

As an alternative you can burn the images to an CD/DVD and boot them up on a spare system.