Practice Hacking: the Command Injection ISO

Pentester Academy
This entry is part 11 of 11 in the series [ Hacker Night School ]
I love sites like and, where you can practice your hacking skills legally and safely.
There are also some cool pre-vulnerable-ized web applications/sites that you can download, unzip and use on your hacking lab, like DVWA and Mutillidae.
Then there are the dedicated virtual machines like Metasploitable, that give you a whole OS environment to wreck to your heart’s content. Here’s an example a friend recently pointed out to me, the Command-Injection-ISO from PenTester Academy.
“We’ve packaged 10 real world applications into an Ubuntu Desktop based ISO. These applications are vulnerable to command injection attacks which you will need to find and exploit. Please note that not all applications are on port 80 :)” – .
Give it a try and tell us what you think! Thanks –

Sites To Practice Hacking:

Glenn Norman
This entry is part 2 of 2 in the series [ Sites Where You Can Hack ]

Where is about … hacking that site, is a whole platform. That means you can work your way through entire categories of Challenges: apps, crypto, forensics, stego, web clients and servers, and so forth.

This is a blast. Don’t take my word for it. Go see.

There’s an active and helpful community with forums sorted by Challenge. But it’s not immediately clear where you’re supposed to start. Let me suggest going to Challenges > Web – Client, and start at the top of the list you get. The initial Challenges really are easy, but things get tricky fast.

I use this site in my security and hacking classes largely because they can get a foothold almost immediately, then learn the process of researching (and asking) their way to solutions to other Challenges.

As always, School for Hackers members, you can let us know how it goes by commenting below. Thanks –

* * *