部分靶场是线上,部分是需要搭建本地环境。
1. 综合性靶场
- DVWA - Damn Vulnerable Web ApplicationDamn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment.
https://dvwa.co.uk/
- itsecgames.com
http://www.itsecgames.com/
- https://adworld.xctf.org.cn/
https://adworld.xctf.org.cn/
- CTFHub
https://www.ctfhub.com/#/index
- 在线靶场_墨者学院
https://www.mozhe.cn/bug
- 必火网络安全技术课程教育培训机构-专注web安全-大数据-java-HTML5前端培训必火安全学院,专注网络安全培训,渗透测试培训,大数据培训,java培训,HTML5前端培训,必火安全白帽子黑客技术教程网络安全工程师在线黑客靶机练习平台,由全中国最有责任心、最负责的讲师必火亲手打造的一个适合新生入门的渗透测试学习靶场平台,根据10余年的编程和渗透经验,全面总结了SQL注入、XSS漏洞、文件上传、CSRF、代码执行、命令执行等的各种场景,适合各大培训机构在校学生使用
https://www.bihuoedu.com/
- 黑客游戏--Hackers game
http://www.fj543.com/hack/
- -
2.XSS靶场
- XSS Challenges (by yamagata21) - Stage #1
https://xss-quiz.int21h.jp/
- prompt(1) to win - 0x0
http://prompt.ml/0
- alert(1) to win
https://alf.nu/alert1
- GitHub - do0dl3/xss-labs: xss 跨站漏洞平台xss 跨站漏洞平台. Contribute to do0dl3/xss-labs development by creating an account on GitHub.
https://github.com/do0dl3/xss-labs
- -