Review Wargames Over the Wire

URL: http://overthewire.org/wargames/
Career Path: Pentesters, Beginners in Security
Level: All, good for beginners

The wargames are free & fun. I have tested two games so far, Bandit and Natas, but there are many more, which also include crypto and exploitation wargames.

Bandit

From the website:

  • aimed at absolute beginners
  • connection over ssh with given credentials, no registration needed
  • for learning Linux commands/hacking
  • in each level you have to find the password for the next level
  • exercises are, for example, searching for the password in hidden files or files with special characters, and learning commands
  • Reading the exercise makes absolute sense here 😉

Example:
The password for the next level is stored somewhere on the server and has all of the following properties:

  • owned by user bandit7
  • owned by group bandit6
  • 33 bytes in size

To start, you get your first credentials and then hack on:

http://overthewire.org/wargames/bandit/

Natas
Natas is for learning webserver security. You can just start right away and log into the first exercise:

http://natas0.natas.labs.overthewire.org/
  • Read the source code
  • Using a proxy like Burp Suite might be useful
  • It starts simple, but you should read a bit about HTML and HTTP before starting
  • First, find tokens in code and files, change cookies, and so on

I hope I will have some time to write about the other wargames too.

Hack on!