For the last week I have been working my way through the challenges on www.HackThisSite.org.
HackThisSite has a number of ‘missions’ where you are required to hack into websites to achieve your goals. However, all of the challenges are simulated and hosted on the HackThisSite servers so it’s all legal and above board. To complete the tasks you have to learn a number of different methods of hacking and improve your general knowledge of programming, cryptography and internet protocols.
There are many reasons to want to do this. It’s fun but it is also educational. It is hard to design secure websites and applications without any understanding of how others may try to exploit them. Some of the ‘basics’ challenges on the site seem almost laughable but it is surprising how often you see some of these vulnerabilities in the wild.
For me it has been a real eye opener. Now I can’t even look at one of my own sites without thinking: ‘How can I exploit this?’ I’m looking for ways someone would hack my sites and it makes me all the more careful not to leave gaping holes in my own security.
I’ve often said that a good understanding of photography aught to be compulsory for designers. Well, likewise, working through the missions on HackThisSite aught to be compulsory for developers so that they can understand some of what they are up against.
Forewarned is forearmed!