mirror of
https://github.com/The-Art-of-Hacking/h4cker
synced 2024-12-11 18:42:28 +00:00
.. | ||
README.md |
Vulnerable Apps, Servers, and Websites
The following is a collection of vulnerable servers (VMs) or websites that you can use to practice your skills (sorted alphabetically).
- bWAPP
- CloudGoat
- Damn Small Vulnerable Web
- Damn Vulnerable ARM Router (DVAR)
- Damn Vulnerable iOS Application (DVIA)
- Damn Vulnerable Web App (DVWA)
- Damn Vulnerable Web Services
- Damn Vulnerable WordPress
- DOMXSS
- Extreme Vulnerable Node Application(XVNA)
- Game of Hacks
- Gruyere
- Hack This Site
- Hack This
- Hack Yourself first
- Hackazon
- HellBound Hackers
- Kubernetes Goat
- Metasploitable2
- Metasploitable3
- NodeGoat
- Over The Wire Wargames
- OWASP Juice Shop
- OWASP Mutillidae II
- Peruggia
- PortSwigger Web Security Academy
- RailsGoat
- RootMe
- Server-Side Request Forgery (SSRF) vulnerable Lab
- Snyk exploit-workshop
- Try2Hack
- VAmPI - vulnerable API
- Vicnum
- Vulnerable Single Sign-On (SSO)
- WebGoat
- XXE Lab
- Pentest-Ground
WebSploit Labs
- WebSploit Labs (created and maintained by Omar Ωr Santos)
- Mayhem - vulnerable container created by Omar Ωr for Mayhem 2020
- RTOV-Hackme - vulnerable container created by Omar Ωr for DEF CON 27
- RTV-Safemode - vulnerable container created by Omar Ωr for DEF CON Safemode
Learning Platforms and VMs
Commercial (with free tiers)
Commercial Learning Providers (require registration)
- O'Reilly - access to thousands of books, learning paths, video courses, labs, and live training.
- CyberPython
- eLearn Security