explaingit

hacker0x01/hacker101

14,421SCSSAudience · developerComplexity · 2/5Setup · moderate

TLDR

Hacker101 is the source for a free online security course at hacker101.com that teaches programmers about web and mobile vulnerabilities like clickjacking and CSRF to help them participate in bug bounty programs.

Mindmap

mindmap
  root((hacker101))
    What It Is
      Free security course
      Bug bounty training
      hacker101.com source
    Topics Covered
      Clickjacking
      CSRF attacks
      Mobile security
    Tech Used
      Jekyll site
      Ruby Bundler
      SCSS styling
    Who It Is For
      Security beginners
      Bug bounty hunters
      Curious programmers
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Learn the basics of web security vulnerabilities like CSRF and clickjacking for free at your own pace

USE CASE 2

Prepare to submit your first bug bounty report by working through the course content

USE CASE 3

Run the course website locally using Jekyll to read lessons offline

USE CASE 4

Contribute lesson corrections or new content to the course via a pull request

Tech stack

SCSSJekyllRuby

Getting it running

Difficulty · moderate Time to first run · 30min

Running the site locally requires Ruby and Bundler, the course content itself is accessible at hacker101.com without any setup.

In plain English

Hacker101 is the source code behind hacker101.com, a free online class focused on web and mobile security. The course is aimed at two kinds of people: programmers who are curious about security and want to learn how to participate in bug bounty programs (where companies pay people to find and report vulnerabilities in their software), and experienced security professionals looking to sharpen their skills. The topics covered span several common categories of web security weaknesses, including clickjacking, CSRF, and mobile security. Clickjacking is a technique where a malicious site tricks a user into clicking on something hidden or disguised. CSRF, short for Cross-Site Request Forgery, is a type of attack where a user is unknowingly made to perform an action on a site they are already logged into. The project is built with Jekyll, a tool that converts text files into a website. Running it locally requires Ruby, a programming language, and Bundler, a tool that manages Ruby software dependencies. Once those are in place, a few commands clone the project, install its requirements, and start a local server so you can preview the site in a browser. The repository accepts contributions through GitHub, meaning anyone can submit suggested changes or report problems. The actual course content lives at hacker101.com, while this repository holds the site's structure, styling, and lesson files that produce that website.

Copy-paste prompts

Prompt 1
I am starting Hacker101. Explain what CSRF is and show me a simple code example of how a CSRF attack tricks a logged-in user into performing an unwanted action.
Prompt 2
I found a clickjacking vulnerability in a bug bounty target. Write a proof-of-concept HTML file that demonstrates the issue for a security report.
Prompt 3
How do I run the hacker101 site locally? List the commands to clone the repo, install Ruby dependencies with Bundler, and start the Jekyll server.
Prompt 4
Give me a 4-week study plan for completing Hacker101 and submitting my first bug bounty report, including which topics to cover each week.
Open on GitHub → Explain another repo

← hacker0x01 on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.