IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Google launches ‘how to hack’ course

Want to learn how hackers work? Try out Google’s new course.

Hacker

Google has launched a new course to teach students how hackers find security vulnerabilities and exploit web applications.

Participants in Google's Web Application Exploits and Defenses codelab get to play the part of a malicious hacker, finding and exploiting security bugs.

"The codelab is built around Jarlsberg, a small yet full-featured microblogging application with lots of security bugs," explained Bruce Leban, a software engineer at Google, in an introduction to the course.

The Jarlsberg application, which lets users publish bits of text and store files, is riddled with bugs including denial of service (DoS), information disclosure and remote code execution.

Students will get to try out two forms of attacking, the first being black-box hacking'. With this, they will try and locate security bugs by experimenting with the application, manipulating input fields and URL parameters. Participants will also try to cause application errors, while monitoring HTTP requests and responses to guess server behaviour.

White-box hacking', meanwhile, allows the user to look through the Jarlsberg source code to find bugs, which can also be located using automated or manual analysis.

While Google is elucidating on how cyber criminals work, its aim is to show how software developers can protect applications and stop hackers in their tracks.

The search giant warned that participants should use what they learn to make their own applications more secure and not use their new-found knowledge to attack any applications other than their own. Even the latter should be done with proper permission from the right authorities, Google added, such as the company's security team.

Graham Cluley, senior technology consultant at IT security firm Sophos, said that education on finding security vulnerabilities in software and how to write code more securely is "very important for firms".

He told IT PRO that this can help stop the problems at the source and prevent hackers from exploiting vulnerabilities later on.

Featured Resources

The state of Salesforce: Future of business

Three articles that look forward into the changing state of Salesforce and the future of business

Free Download

The mighty struggle to migrate SAP to the cloud may be over

A simplified and unified approach to delivering Enterprise Transformation in the cloud

Free Download

The business value of the transformative mainframe

Modernising on the mainframe

Free Download

The Total Economic Impact™ Of IBM FlashSystem

Cost savings and business benefits enabled by FlashSystem

Free Download

Recommended

Google urges Apple to embrace RCS as standard, ditch SMS for Android texts
Mobile

Google urges Apple to embrace RCS as standard, ditch SMS for Android texts

10 Aug 2022
Google reveals new office in Atlanta and $1 million in funding for local communities
Careers & training

Google reveals new office in Atlanta and $1 million in funding for local communities

28 Jul 2022
Hackers hiding malicious links in top Google search results, researchers warn
malware

Hackers hiding malicious links in top Google search results, researchers warn

21 Jul 2022
What is zero trust?
network security

What is zero trust?

14 Jul 2022

Most Popular

Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

29 Jul 2022
Cyber attack on software supplier causes "major outage" across the NHS
cyber attacks

Cyber attack on software supplier causes "major outage" across the NHS

8 Aug 2022