Google launches ‘how to hack’ course

Want to learn how hackers work? Try out Google’s new course.


Google has launched a new course to teach students how hackers find security vulnerabilities and exploit web applications.

Participants in Google's Web Application Exploits and Defenses codelab get to play the part of a malicious hacker, finding and exploiting security bugs.

"The codelab is built around Jarlsberg, a small yet full-featured microblogging application with lots of security bugs," explained Bruce Leban, a software engineer at Google, in an introduction to the course.

The Jarlsberg application, which lets users publish bits of text and store files, is riddled with bugs including denial of service (DoS), information disclosure and remote code execution.

Advertisement - Article continues below

Students will get to try out two forms of attacking, the first being black-box hacking'. With this, they will try and locate security bugs by experimenting with the application, manipulating input fields and URL parameters. Participants will also try to cause application errors, while monitoring HTTP requests and responses to guess server behaviour.

White-box hacking', meanwhile, allows the user to look through the Jarlsberg source code to find bugs, which can also be located using automated or manual analysis.

While Google is elucidating on how cyber criminals work, its aim is to show how software developers can protect applications and stop hackers in their tracks.

The search giant warned that participants should use what they learn to make their own applications more secure and not use their new-found knowledge to attack any applications other than their own. Even the latter should be done with proper permission from the right authorities, Google added, such as the company's security team.

Graham Cluley, senior technology consultant at IT security firm Sophos, said that education on finding security vulnerabilities in software and how to write code more securely is "very important for firms".

He told IT PRO that this can help stop the problems at the source and prevent hackers from exploiting vulnerabilities later on.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now



The IT Pro Podcast: Is the future multi-cloud?

29 Nov 2019
Business strategy

Google accused of ‘union busting’

26 Nov 2019

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019
public cloud

Vodafone launches 'Neuron' platform with Google Cloud

20 Nov 2019

Most Popular

identity and access management (IAM)

44 million Microsoft customers found using compromised passwords

6 Dec 2019
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019

Five signs that it’s time to retire IT kit

29 Nov 2019

Where modernisation and sustainability meet: A tale of two benefits

25 Nov 2019