Google has released a free online tutorial that gives developers the chance
to play the role of malicious hacker by exploiting real security bugs in a mock
The codelab is premised on a "small, cheesy web application" dubbed Jarlsberg
that is chock-full of bugs that can be exploited to take down webservers,
perform remote code-execution attacks, and spring information-disclosure leaks.
It can be downloaded and run on a local machine to teach developers firsthand
the perils of insecure coding.