Hello, Habr. I have been involved in vulnerability research for many years and have realized that it is a global and dynamic field. It's impossible to describe it in just one book. Every day, I gain new knowledge about technologies, as well as their security flaws.
For me, the main source of knowledge is reports from other researchers in this field. When reading reports, I find interesting techniques that I later apply in my work. Usually, it's not enough to just read the report to understand the root cause of a vulnerability. That's why I started simulating situations in which the described vulnerability may appear. I began creating virtual machines with vulnerable web pages. Initially, I published them in my Telegram channel, but it was inconvenient since virtual machine images weigh around 1GB. People had to download the image and install it in VirtualBox.
Therefore, it was decided to develop a portal where users could run virtual machines with vulnerable pages with just one click. After many months of development, I am pleased to introduce the website hackerhub.pro. On the website, you can run virtual machines and hack them. Tasks are provided in the CTF format, where you receive a flag upon successful hack. When submitting a flag, you are offered to specify the difficulty of the virtual machine, which will be helpful to other users.
The website is ready for use, but there is still much work ahead. Since there is no paid content on the website, I would be very grateful for material support in developing the resource.