Is there a site or server out there that allows pentesting?
The questions pretty out there, but is there a site to pactice pentesting skills?
I mean a site that gives permission to 'hack' it. I remember a site like hackthissite.com or something along those lines, but i heard somewhere that that site is really hard or something (never actually tried it).
EDIT: well I signed up for hackthissite.org. I see there's a bunch of different hacking skills i can test out and try out.
Do you guys recommend this site or somewhere else?
EDIT2: I've been looking aorund on the site, and most of those 'hacks' are retrieve passwords from files, delete databases, etc. I'm just looking for something to get into (to build up metasploit skills). I haven't started learning about password cracking yet so I'd rather wait for that
The PenTest Live CD's here are great
Plu PureHate has a great tutorial video for the both
Just burned his ISO
Problem with those is that they require other computers. Im sure he is looking for an already hosted site/server that allows people to connect and do pentesting.
Originally Posted by s1lang
This is incorrect. the De-Ice discs can be done in vmware just fine. The problem with doing stuff over the internet is even if you have permission from the end site you could be violating any number of laws and ISP rules and who knows what else on the way. If you do a trace route to the site your going to hack you may have 20 hops along the way. Do you have permission from all those people?
Originally Posted by dsync0
a lot of the 'hacking' sites I've been looking at aren't really hacking over the internet. You download .rar files and .exe and hack the password. As far as from what I've seen, there isn't any actual pentesting over the interwebnets.
Originally Posted by pureh@te
Back when I was playing around with hackthissite.org it did allow you to hack the site itself as an additional challenge.
Not sure if that's still the case.
Like stated, most sites are puzzles but there are some, I believe one of the major ones is something like roothack.org, which do allow you to connect to their server, write your own exploits, compile them and execute them.
hackthissite also created rootthisbox.org
Originally Posted by white scorpion
check it out, maybe this is what you're looking for?
According to pureh@te's advice, the best would be to set up a homelab using different subnets.
You don't need that many machines, with vmware you could also create set it up just on one machine (if it is a decent one).
Or you could get some lab access from offensive security to get some hands on experience.
hello for about 350 usd i was able to pick up 3 laptops 2 thinkpad 600x and an e and i pretty nice desk top along with ip printing to make a long story short i have set up my own network to to learn on....so check out you pawn shops and want adds you can find every thing you could need......just make sure you know what your buying and have a clue what you need ahead of time......... hope this has some value to some one...