Some of the most highly recommended hacking competitions that will get your name and skills noticed by the right people.

Hack the Pentagon

From the Hack the Pentagon announcement to the Facebook Hacker Cup, there are loads of opportunities for those new to security to either participate in educational hacking competitions or simply learn by watching others compete. Michiel Prins, co-founder, HackerOne, and Ryan Stortz, security researcher, Trail of Bits, offered up a list of popular competitions and what they like most about some of them.

Uber Engineering Bug Bounty

The engineering security team at Uber has developed a bug hunter treasure map inviting hackers to find vulnerabilities in their cn.uber.com service, which communicates with the Android and iOS apps while using Uber. Prins said, “Uber’s program is unique because it offers a first of its kind loyalty program and the treasure map gives hackers unprecedented transparency.”

Yahoo’s Hack U

The development network division at Yahoo!, Hack U, offers a platform for different hacking competitions with “no rules or limitations.” Prins said, “”Yahoo! has a large footprint on the web and diverse portfolio of products so there is always something new for bug hunters to find. This makes it a great program for newer hackers.””

GitHub at the core of it all

The GitHub Bug Bounty Program offers a minimum prize of $200. Prins said, “GitHub is a core product for nearly all development teams — if you are able to hack it and report a vulnerability you are potentially helping millions.”

Google

Unlike the unencumbered opportunites at Hack U, Google Bug Hunter University is much more explicit about their boundaries and expectations. “Google’s program is great for bug hunters. They are very particular and transparent about how they determine bounty awards and what technology is in scope. Google’s Bug Hunter University is also a great resource for hackers wanting to look for bugs in Google and any other program,” Prins said.

Capture the Flag (CTF)

“Many competitions (mine included) target the CTF community and tend to punish new people. Much like jazz musicians, we build off of challenges from our peers to pay homage and to show off. Unfortunately this means challenge, sophistication, and difficulty goes way up in a horrible feedback loop,” Stortz said.

Competitions like PicoCTF and Microcorruption are specifically targeted at new players and the stages. “They are meant to slowly build up fundamental skills (and in the case of PicoCTF specifically – recruit you to Carnegie Melon),” Stortz said.

A few more recommendations

DropBox — They pay competitive bounties, they store a lot of data and there are many components, like iPhone app, syncing with computer. It is more than just a web app which creates unique challenges and makes it a fun target for hackers.

CyberCompEx is another community of highly skilled and talented researchers looking to connect through an online platform and various competitions. You can engage in a competition or view past competitions to get a taste of what they are all about.

Some other types:

I have always enjoyed trying to gain access to things I’m not really supposed to play around with. I found Hack This Site a long time ago and I learned a lot from it.

HellBound Hackers is the quintessential site for hacking tutorials. Covering an expansive range of topics including ethics, social engineering and phreaking, the site’s articles hold an impressive wealth of material. With a community of almost 50,000 members it’s also one of the largest hacking sites out there, making it ideal for newbies and experienced pros alike.

In a similar vein to Hack This Site, Hacker Games offers a range of challenges and war games that should pique any budding hacker’s interest. While there’s not much in the way of actual tutorials, the site provides a great, safe avenue for investigating complex security setups.

Current list:

Wargames:

• Over The Wire They have lots of small hacking challenges like: analyze the code, simple TCP communication application, crypto cracking.
  
• We Chall We Chall is similar to Over The Wire. Lots of challenges. They also have a large list of other sites with similar challenges.
  
• Smash The Stack
  

  
  

Downloads:

• Damn Vulnerable Web Application
  
• Google Jarlsberg
  
• exploit Exercises
  

Competitions:

• NetWars Offers tournaments at some conferences. And one longer challenge over 4 months. With scenario challenges.
  
• Cyber Security Challenge
  
• US Cyber Challenge
  

CRT:

• iCTF iCTF is a capture the flag contest held once a year.
  
• PlaidCTF
  
• Hack.lu CTF 2012
  
• Defcon Quals
  
• RuCTFe
  

Other list like this one:

• http://captf.com/practice-ctf/
  
• http://www.stumbleupon.com/su/1YNSxi/www.brighthub.com/internet/security-privacy/articles/77093.aspx/
  

Other interesting sites:

• http://captf.com/.calendar
  
• http://facebook.com/hackercup
  
• http://www.ethicalhacker.net/
  
• http://exploit-exercises.com/
  
• http://www.counterhack.net/Counter_Hack/Challenges.html
  

Via: csoonline