之后会继续补充,大家有好玩的靶场也可以说一下。
多而杂:
vulnhub:https://www.vulnhub.com
hackthebox:https://www.hackthebox.eu
在线靶场:https://www.root-me.org
bWAPP:http://www.itsecgames.com
当下比较流行的漏洞学习平台docker环境:https://github.com/c0ny1/vulstudy
OWASP Juice Shop:https://github.com/bkimminich/juice-shop
DVWA:https://github.com/digininja/DVWA
DoraBox:https://github.com/0verSp4ce/DoraBox
permeate:https://github.com/78778443/permeate
DSVW:https://github.com/stamparm/DSVW
bodhi:https://github.com/amolnaik4/bodhi
WebGoat:https://github.com/WebGoat/WebGoat
hackazon:https://github.com/rapid7/hackazon
https://www.azcwr.org/
https://avatao.com/
SQL注入:
sqli-labs:https://github.com/lcamry/sqli-labs
文件上传:
upload-labs:https://github.com/c0ny1/upload-labs
文件包含:
LFIboomCTF:https://github.com/Go0s/LFIboomCTF
Linux提权:
https://in.security/2018/07/11/lin-security-practise-your-linux-privilege-escalation-foo/
iOS 应用程序渗透测试:
https://github.com/OWASP/igoat
https://github.com/prateek147/DVIA-v2
Metasploit 练习系统:
https://github.com/rapid7/metasploitable3
Metasploit 服务模拟器
https://github.com/rapid7/metasploit-vulnerability-emulator
内网:
DarthSidious:https://github.com/chryzsh/DarthSidious
Vulnstack:http://vulnstack.qiyuanxuetang.net/vuln/