[ Hacking 101 ] :: [ Javascript ]

This entry is part 7 of 11 in the series [ Hacking 101 ]


Javascript runs locally, in your browser. That means you can view it with your browser’s debug console, run it and tinker with it. One issue is locating the scripts your target page uses, which may be listed in META tags or called from HTML (DOM) objects. Another issue is that people hide, obfuscate and encode Javascript to keep hackers at bay. Learn to pierce these veils, young padawan, and you will see much deeper into the web world.

Where to Learn

Take advantage of the free, high-quality learning materials online.

Again, see W3Schools, this time their Javascript course. The “Try it yourself” feature that lets you tinker with code live in the browser. Play with this a lot.

CodeAcademy has a whole series of Javascript classes, at least the first of which is free. You’ll have to create an account. As always, think carefully about what email address and identity you give away.ja

Don’t forget the trove of great (and terrible) Javascript courses on Youtube. For instance:

Where to Test Your HTML Hacking Skills

Root-me.org has Web Client and Web Server areas. Don’t forget that account you’ve set up.

HackThisSite has a whole category of Javascript challenges. You’ve already created your account, right?


  1. Conquer the seven Javascript challenges here:
  2. Defeat the first four challenges on the page: