Update README.md

This commit is contained in:
Omar Santos 2020-04-06 20:32:19 -04:00 committed by GitHub
parent 5e6b5017d3
commit f043214d29
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,6 +1,6 @@
# Building Your Own Penetration Testing Lab # Building Your Own Penetration Testing Lab
The following are some tips and instructions on how you can build your own lab for web application penetration testing, including deploying intentionally vulnerable applications in a safe environment. The following are some tips and instructions on how you can build your own lab for penetration testing and to practice different defensive techniques helpful for incident response and digital forensics.
## Pen Testing Linux Distributions ## Pen Testing Linux Distributions
@ -29,11 +29,14 @@ The purpose of this VM is to have a lightweight (single VM) with a few web appli
### Getting Started ### Getting Started
1. Download VirtualBox. 1. Download VirtualBox.
2. Download the .ova file from http://h4cker.org/websploit and import it in VirtualBox. 2. Download the .ova file from http://websploit.org and import it in VirtualBox. Alternatively, download Kali or Parrot and then run `curl -sSL https://websploit.org/install.sh | sudo bash`.
The following are the vulnerable applications included in [WebSploit](https://websploit.h4cker.org/): The following are the vulnerable applications included in [WebSploit](https://websploit.h4cker.org/):
- Damn Vulnerable Web Application (DVWA) - Damn Vulnerable Web Application (DVWA)
- Damn Vulnerable Node Application (DVNA)
- WebGoat - WebGoat
- Hackazon - Hackazon
- OWASP Juice Shop - OWASP Juice Shop
- OWASP Mutillidae 2 - OWASP Mutillidae 2
- bWapp2
- hackme-rtov