Hack.me: a new way to learn web application security presented at AppSec USA 2013

by Armando Romeo,

Summary : The Hack.me (https://hack.me) project is a worldwide, FREE for all platform where to build, host and share simple and complex vulnerable web applications. It's completely online and doesn’t require any software to be installed, just a web browser.
Users will be able to run and practice offensive techniques against always new vulnerable web applications provided by the community. Users will be able to practice the OWASP Top 10, testing CMS vulnerabilities,verifying the latest exploits. The vulnerable web applications, referred as hackmes, are run in a sandboxed and user-isolated environment provided by the Coliseum Framework.
We will show a typical use of the platform and some of the challenges, both technical and legal, faced by the project.