黑客攻击具有某种浪漫的吸引力。通过显示器的光线打字并获得只有少数人知道的秘密的想法吸引了许多人,但现实生活中的黑客行为与电影中的不同。在现实世界中,黑客是一种犯罪行为,但也是一种急需的技能(in-demand skill set)。
公司支付专业(或白帽)黑客((or white-hat) hackers)来测试他们的安全性。如果这听起来对您来说是一项有趣的工作,请尝试在线玩这些黑客游戏,以学习入门所需的编码和黑客技能。
破解盒子(Hack the Box)
Hack the Box与其说是一款游戏,不如说是一款拼图游戏。要进入该平台,您必须具备一些基本的 Web 开发知识(basic level of knowledge of web development)。它要求您入侵该站点只是为了获得邀请码,尽管它确实会在此过程中提供多个提示来帮助您解决难题。
进入后,Hack the Box是与其他渗透测试人员联系的好地方。它有 30 多台不同的机器,您可以远程连接和破解。如果您提交破解证明,您可以获得积分并登上排行榜。在隐写术、密码学等领域也有离线谜题。
如果您认为自己是一名半熟练的黑客并想提高自己的技能,那么Hack the Box是一个不错的起点。
黑客本站(HackThisSite)
HackThisSite是一个完全免费的网站,提供有关黑客的测试和课程。它首先为用户提供他们可以完成的任务,难度从最低限度的知识到更高级的技术。网站上还有许多文章可以教您许多所需的技能,以及讨论解决方案和难题的论坛。
如果您刚开始涉足黑客世界,请尝试“基本任务”挑战。这些将逐渐增加难度,并在继续之前教您需要了解的内容。还有一些更复杂的现实任务。
和Hack the Box一样,HackThisSite也有一个高分系统。还有一个“名人堂”部分,该网站列出了用户发现的漏洞并奖励这些用户积分。HackThisSite鼓励用户寻找安全漏洞,但要求他们提交错误报告而不是采取破坏性行动。
HackThisSite是一个很好的培训场所和潜在白帽黑客的聚集地,特别是如果您刚刚开始学习所需的技能。
许多人认为 hacking 只是关于编码,但其中涉及的不仅仅是了解 Java 语法(more involved than just knowing Java syntax)。您需要能够创造性地思考并知道如何解决黑客可能遇到的不同问题。PicoCTF针对年轻观众(初中到高中),但任何人都可以使用。
PicoCTF由卡内基梅隆大学(Carnegie Mellon University)的计算机安全专家设计。玩家通过一个充满教育内容和网络安全谜题的松散故事情节进行工作。据该网站称,玩家必须“逆向工程、破解、破解、解密,并创造性地和批判性地思考以解决挑战。”
虽然涉及黑客攻击,但将PicoCTF更像是大脑的训练游戏。当您知道如何考虑黑客攻击时,破解代码的实际行为会容易得多。如果您在适当的年龄范围内,用户甚至可以参加比赛。
PicoCTF是(PicoCTF)对黑客感兴趣的年轻人(younger that is interested in hacking)的绝佳工具。它将教授扎实的基本技能基础,使人们在以后的生活中进入更高级的课程。
破解说明(Hacksplaining)
Hacksplaining是一个交互式教程网站,可指导用户逐步完成各种安全漏洞的过程。它的平台允许用户在使用SQL 注入(SQL Injection)、点击劫持(Clickjacking)和其他类型的黑客技术时看到幕后发生的事情。
虽然它不是一个黑客游戏,但互动元素帮助它以一种仅仅阅读材料所没有的方式展示了它的课程。它设置在一系列课程中,这些课程自然地从一个课程转移到另一个课程。例如,当您完成SQL 注入(SQL Injection)教程时,它将带您进入有关如何防止SQL 注入(SQL Injection)的课程。
许多课程无需注册即可获得,但您可以免费加入以获取更多信息。凭借网站上的丰富信息和易于使用的格式,Hacksplaining是了解安全漏洞基本知识的好地方。
关于黑客的注意事项
尽管黑客是一个浪漫的行业,但请记住,访问您不允许访问的信息是一种犯罪行为——并且与任何犯罪行为一样,它可能会受到重罚和监禁。白帽黑客可能是一项有利可图的技能,但您通常需要拥有干净的犯罪记录才能获得在该领域工作所需的安全许可。
如果您想成为一名白帽黑客,请确保您不会滥用您所学的技能。它还可以使您获得各种认证,例如EC-Council的(EC-Council)Certified Ethical Hacker认证或网络安全认证路线图(Cyber Security Certification Roadmap)。
4 Best Online Hacking Games to Learn Programming
There is a certain romantic appeal in hacking. The idеa of typing away by the light of your monitоr and gaining access to secrets only a fеw others know appeals to mаny pеople, but real-life hаcking isn’t the same as it is in thе movies. In the real-world, hacking is a crime, but also an in-demand skill set.
Companies pay professional (or white-hat) hackers to test their security. If this sounds like an interesting job to you, try your hand at these hacking games online to learn the necessary coding and hacking skills you’ll need to get started.
Hack the Box isn’t as much a game as it is a puzzle. To even gain entry into the platform, you have to have some basic level of knowledge of web development. It requires you to hack your way into the site just to get an invite code, although it does drop multiple hints along the way to help you solve the puzzle.
Once inside, Hack the Box is a great place to connect with other penetration testers. It has more than 30 different machines you can connect to remotely and hack. If you submit proof of your hack, you can receive points and climb the leaderboards. There are also offline puzzles in the realms of steganography, cryptography, and more.
If you fancy yourself a semi-skilled hacker and want to sharpen your skills, Hack the Box is a good place to start.
HackThisSite is a totally free website that has tests and courses on hacking. It starts with offering users missions they can work through, ranging in difficulty from bare-minimum knowledge to more advanced techniques. There are also scores of articles on the website to teach you many of the skills you need, as well as forums to discuss solutions and puzzles.
If you’re just starting out in the world of hacking, try the “basic missions” challenges. These will gradually scale up in difficulty and teach you what you need to know before moving on. There are also realistic missions that are much more complicated.
Like Hack the Box, HackThisSite has a high score system. There’s also a “Hall of Fame” section where the site lists vulnerabilities that users have found and awards those users points. HackThisSite encourages users to look for security holes, but asks that they submit a bug report rather than take destructive action.
HackThisSite is a great training ground and gathering place for would-be white hat hackers, especially if you’re just starting out learning the skills you need.
Many people think hacking is solely about coding, but there is much more involved than just knowing Java syntax. You need to be able to think creatively and know how to approach different problems a hacker might encounter. PicoCTF is aimed at younger audiences (middle-grades to high school) but can be used by anyone.
PicoCTF is designed by computer security experts at Carnegie Mellon University. Players work through a loose storyline filled with educational content and cybersecurity puzzles. According to the website, players must “reverse engineer, break, hack, decrypt, and think creatively and critically to solve the challenges.”
While there is hacking involved, think of PicoCTF more like a training game for your brain. When you know how to think about hacking, the actual act of breaking into the code will be much easier. There are even competitions users can take part in, provided you are within the proper age range.
PicoCTF is a great tool for someone younger that is interested in hacking. It will teach a strong foundation of basic skills that will carry someone into more advanced courses later in life.
Hacksplaining is an interactive tutorial site that guides users step-by-step through the process of various security exploits. Its platform allows users to see what happens behind the scenes when something like SQL Injection, Clickjacking, and other types of hacking techniques are used.
While it isn’t much of a hacking game, the interactive elements help it demonstrate its lessons in a way that just reading the material does not. It’s set up in a series of courses that move naturally from one to another. For example, when you finish the SQL Injection tutorial, it moves you into a lesson on how to protect against SQL Injection.
Many lessons are available without signing up, but you can join for free to access even more information. With the wealth of information on the site and the easy-to-approach format, Hacksplaining is a good place to get a basic understanding of security exploits.
A Note on Hacking
Although hacking is a romanticized industry, remember that it’s a crime to access information you’re not allowed access to–and like any crime, it can carry massive penalties and jail time. White-hat hacking can be a lucrative skill set, but you’re often required to have a clean criminal record in order to gain the necessary security clearances to work in this field.
If you want to become a white-hat hacker, make sure that you don’t abuse the skills you learn. It can also benefit you to obtain various certifications, such as the Certified Ethical Hacker certification from the EC-Council or Cyber Security Certification Roadmap.