This Web Site Has 100 Bugs. Can You Hack Them All?


beeboxEver wanted to try your hand at being a computer hacker? Or, as they are often called nowadays, a penetration tester or an ethical hacker? If so, here's your chance. And you won't end up in jail if you succeed, either.

It all involves a web application called bWAPP. The name stands for Buggy Web Application and, as the moniker implies, it's designed to be buggy. Really, really buggy. There are at least 100 different problems with this web-based application, each of which could allow a hacker or security researcher to break into the code or its underlying database.

Thankfully, bWAPP is not available online over the web. You have to run it yourself on your own web server. But to make that really easy, you can download everything you need in a single package and it runs completely independently of your PC. It then provides you with a great environment in which to practice your skills.

To start with, you'll need VMware Player. You'll find this at and it's completely free. It allows you to create and use Virtual Machines. A virtual machine is a complete operating system (Windows, Linux or whatever else you want) running as a separate task window on your existing computer, totally isolated from everything else.

Once you've got VMware Player installed, you can then download BeeBox. It's at and is a VM comprising a fully installed version of Ubuntu Linux along with all the components of bWAPP, all installed and ready to use. Just power up the BeeBox VM and start playing.

This is clearly not for everyone. You need to be fairly technical, and you also need to be interested in exploring the inner workings of web applications. But if that's you, and it's something you've always wanted to try, bWAPP is the easy way to get started. It's also completely safe, because nothing runs within your main Windows installation.

Please rate this article: 

Your rating: None
Average: 4.3 (9 votes)


Isn't this a sure-fire way to get your name on a CIA list of people of interest?

Ha, ha. Good one!