Are you a newbie in hacking world? Want to practice your hacking skills? The biggest problem I’ve faced every time I want to learn about hacking other than it’s not easy to learn the tools is I have a difficult time trying to find a victim for my practice sessions. Surely I can’t try to hack any sites I found on google since it will be against the law. Should I try to make a custom web application for this? Nah, it’s too time consuming and I’m not sure everything will work. Luckily, somehow I found myself in a web page which contain a link to a web application based on PHP and MySQL called mutillidae.
So, what does this mutillidae do? It basically is just a normal web application written in PHP and use MySQL server as its database. The best thing about it is, it has been customized to include a lot of security vulnerabilities for you to practice your hacking skills. Some example of its vulnerabilities are SQL injection, Cross Site Scripting, Remote File Inclusion, and many more. So I guess us newbies should really thank this irongeek guy for taking his time to create mutillidae. I even used it for my undergraduate theses project by combining it with HIHAT to create a honeypot website. You just need a machine with web server and MySQL server running to deploy mutillidae.
I’ve also managed to find some more vulnerable web application for hacking practice. They are: