Security Lab

最新推荐文章于 2023-06-20 12:38:56 发布
置顶 最新推荐文章于 2023-06-20 12:38:56 发布
阅读量2.4k 收藏 1
点赞数
分类专栏: Methods Maintaining Access Web Applications Pentesting Password Attacks Vulnerability Analysis
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/nixawk/article/details/38475681
版权


Following table gives the URLs of all the vulnerable web applications,operating system installations, old software and war games [hacking] sites. TheURLs for individual applications that are part of other collection entitieswere not given as it is not necessary to download each of them and manuallyconfigure them if they are already available in a configured state. Fortechnologies used in each web application, please refer to the mindmap above.

Vulnerable Web Applications [64 unique web applications]
OWASP BWAhttp://code.google.com/p/owaspbwa/
OWASP Hackademichttp://hackademic1.teilar.gr/
OWASP SiteGeneratorhttps://www.owasp.org/index.php/Owasp_SiteGenerator
OWASP Brickshttp://sourceforge.net/projects/owaspbricks/
OWASP Security Shepherdhttps://www.owasp.org/index.php/OWASP_Security_Shepherd
WebGoat.NEThttps://github.com/jerryhoff/WebGoat.NET/
PentesterLabhttps://pentesterlab.com/
Butterfly Security Projecthttp://thebutterflytmp.sourceforge.net/
Foundstone Hackme Bankhttp://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
Foundstone Hackme Bookshttp://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
Foundstone Hackme Casinohttp://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
Foundstone Hackme Shippinghttp://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
Foundstone Hackme Travelhttp://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
LAMPSecurityhttp://sourceforge.net/projects/lampsecurity/
Mothhttp://www.bonsai-sec.com/en/research/moth.php
WackoPickohttps://github.com/adamdoupe/WackoPicko
BadStorehttp://www.badstore.net/
WebSecurity Dojohttp://www.mavensecurity.com/web_security_dojo/
BodgeIt Storehttp://code.google.com/p/bodgeit/
hackxorhttp://hackxor.sourceforge.net/cgi-bin/index.pl
SecuriBenchhttp://suif.stanford.edu/~livshits/securibench/
SQLolhttps://github.com/SpiderLabs/SQLol
CryptOMGhttps://github.com/SpiderLabs/CryptOMG
XMLmaohttps://github.com/SpiderLabs/XMLmao
Exploit KB Vulnerable Web Apphttp://exploit.co.il/projects/vuln-web-app/
PHDays iBank CTFhttp://blog.phdays.com/2012/05/once-again-about-remote-banking.html
GameOverhttp://sourceforge.net/projects/null-gameover/
Zap WAVEhttp://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
PuzzleMallhttp://code.google.com/p/puzzlemall/
VulnApphttp://www.nth-dimension.org.uk/blog.php?id=88
sqli-labshttps://github.com/Audi-1/sqli-labs
Drunk Admin Web Hacking Challengehttps://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/
bWAPPhttp://www.mmeit.be/bwapp/
Vulnerable Operating System Installations [36+ unique OS setups]
Damn Vulnerable Linuxhttp://sourceforge.net/projects/virtualhacking/files/os/dvl/
Metasploitablehttp://sourceforge.net/projects/virtualhacking/files/os/metasploitable/
LAMPSecurityhttp://sourceforge.net/projects/lampsecurity/
UltimateLAMPhttp://www.amanhardikar.com/mindmaps/practice-links.html
De-ICE, hackerdemiahttp://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
hackerdemia - http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso
pWnOShttp://www.pwnos.com/
Holynixhttp://sourceforge.net/projects/holynix/files/
Kioptrixhttp://www.kioptrix.com/blog/
exploit-exercises - nebula, protostar, fusionhttp://exploit-exercises.com/download
PenTest Laboratoryhttp://pentestlab.org/lab-in-a-box/
RebootUser Vulnixhttp://www.rebootuser.com/?page_id=1041
neutronstarhttp://neutronstar.org/goatselinux.html
scriptjunkie.ushttp://www.scriptjunkie.us/2012/04/the-hacker-games/
21LTRhttp://21ltr.com/scenes/
SecGame # 1: Sauronhttp://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html
TurnKey Linuxhttp://www.turnkeylinux.org/
CentOShttp://www.centos.org/
Sites for Downloading Older Versions of Various Software [3 sources]
Old Appshttp://www.oldapps.com/
Old Versionhttp://www.oldversion.com/
Exploit-DBhttp://www.exploit-db.com/
Sites by Vendors of Security Testing Software [9 unique sites]
Acunetix acuforumhttp://testasp.vulnweb.com/
Acunetix acubloghttp://testaspnet.vulnweb.com/
Acunetix acuarthttp://testphp.vulnweb.com/
Cenzic crackmebankhttp://crackme.cenzic.com
HP freebankhttp://zero.webappsecurity.com
IBM altoromutualhttp://demo.testfire.net/
Mavituna testsparkerhttp://aspnet.testsparker.com
Mavituna testsparkerhttp://php.testsparker.com
NTOSpider Test Sitehttp://www.webscantest.com/
Sites for Improving Your Hacking Skills [25 unique sites]
EnigmaGrouphttp://www.enigmagroup.org/
Exploit Exerciseshttp://exploit-exercises.com/
Google Gruyerehttp://google-gruyere.appspot.com/
Hack This Sitehttp://www.hackthissite.org/
HackThishttp://www.hackthis.co.uk/
HackQuesthttp://www.hackquest.com/
Hack.mehttps://hack.me
Hacking-Labhttps://www.hacking-lab.com
Hacker Challengehttp://www.dareyourmind.net/
Hacker Testhttp://www.hackertest.net/
hACME Gamehttp://www.hacmegame.org/
Hax.Torhttp://hax.tor.hu/
OverTheWirehttp://www.overthewire.org/wargames/
PentestIThttp://www.pentestit.ru/en/
pwn0https://pwn0.com/home.php
RootContesthttp://rootcontest.com/
Root Mehttp://www.root-me.org/?lang=en
Security Treasure Hunthttp://www.securitytreasurehunt.com/
Smash The Stackhttp://www.smashthestack.org/
TheBlackSheep and Erikhttp://www.bright-shadows.net/
ThisIsLegalhttp://thisislegal.com/
Try2Hackhttp://www.try2hack.nl/
WabLabhttp://www.wablab.com/hackme
XSS: Can You XSS This?http://canyouxssthis.com/HTMLSanitizer/
XSS: ProgPHPhttp://xss.progphp.com/
CTF Sites / Archives [3 sites/repos]
CTFtime (Details of CTF Challenges)http://ctftime.org/ctfs/
shell-storm Repohttp://shell-storm.org/repo/CTF/
CAPTF Repohttp://captf.com/
Miscellaneous [10 items]
ExploitMe Mobile Android Labshttp://securitycompass.github.io/AndroidLabs/
ExploitMe Mobile iPhone Labshttp://securitycompass.github.io/iPhoneLabs/
NcN Wargamehttp://noconname.org/evento/wargame/
NETinVMhttp://informatica.uv.es/~carlos/docencia/netinvm/
OWASP iGoathttp://code.google.com/p/owasp-igoat/
OWASP Goatdroidhttps://github.com/jackMannino/OWASP-GoatDroid-Project
Hacme Bank Androidhttp://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx
InsecureBankhttp://www.paladion.net/downloadapp.html
VulnVPNhttp://www.rebootuser.com/?page_id=1041
VulnVoIPhttp://www.rebootuser.com/?page_id=1041

There are other war games sites also. The sites whose core objective is hacking and available for free to all are in theabove list. Rest of the sites focus mainly on software cracking, logic/puzzles and therefore not included in the hacking related list.



原始链接:
http://www.amanhardikar.com/mindmaps/Practice.html
Nixawk
关注
专栏目录
Security
tianshuai1212的博客
09-03 327
Spark Security Spark目前通过共享密钥支持身份验证。 可以通过spark.authenticate配置参数将身份验证配置为打开。 此参数控制Spark通信协议是否使用共享密钥进行身份验证。 此身份验证是一种基本握手,可确保双方具有相同的共享密钥并允许进行通信。 如果共享密钥不相同,则不允许它们进行通信。 共享密钥创建如下: 对于YARN部署上的Spark,将spark.au...
CCNA Security LAB综合实验(中文)
09-10
这个是学完成CCNA Security 安全后的一个富有挑战的综合实验。
CCIE安全Lab实战 中文版
03-19
本书提供了一系列完整的lab实战练习来模拟需要较高动手能力的lab考试。书中列举的7个端到端情景试题同时具备复杂性和真实性,提供给你lab考试的经验并且开发你的应急思考技能,这是在真实网络世界中解决复杂问题的基本要素。本书没有在普及其他安全手册中已经涉及到的安全知识上浪费时间,而是把注意力全部放在复杂的网络情景中。各章的结构相同,涵盖很广泛的安全话题。随书附带的光盘包含了所有lab实战练习的答案、配置、各种命令以及拓扑中所有设备的show命令输出文件。 本书适合于准备参加ccie安全认证考试的人员,也适合那些希望了解网络安全配置技巧和实施建议的人员。
阿里安全猎户座实验室(Alibaba Orion Security Lab)简介
weixin_34216196的博客
06-07 1424
阿里安全猎户座实验室是以通用系统平台、软件供应链、终端和设备为研究对象,以提升攻防对抗能力方法论为目标的实验室。目前实验室共有成员十余人,灵活且互相渗透地形成了如下的主要研究方向:1.二进制程序细粒度分析无源码的程序分析历来是一个硬核的、严重依赖专家经验的工作,面临着程序规模、执行路径复杂化的现状,以及无法有效沉淀人工经验的问题。该方向旨在基于数据流分析的基础能力,形成对二进制程序从最底层指令功能...
1. LAMPSecurity-CTF8靶机复现
Sam5ara的博客
12-05 2037
vulnhub
红队打靶:LampSecurity:CTF5打靶思路详解(vulnhub)
最新发布
Bossfrank的博客
06-20 1115
本文是vulnhub靶机LampSecurity:CTF5的打靶思路详解,涉及的知识点包括到关于NanoCMS凭据泄露漏洞利用、历史记录凭据搜索等。靶机不难,但在寻找cms后台登录和提权的过程需要经验。
华为HCIE-Security Lab版本培训.rar
09-21
目录: 1-考试介绍 2-防火墙 3-VPN 4-controller-1 4-controller-2 5-UTM 6-Feature
CCIE security Lab V5 Soluting
10-07
本资料集合,标题为"CCIE security Lab V5 Soluting",主要针对CCIE安全实验室考试的V5版本提供了详细的解决方案,帮助备考者理解和解决实验过程中的问题。 首先,从描述中我们可以看出,这份资源特别关注了"LAB1 ...
Browser_Exploits:来自Singular Security Lab的浏览器利用代码的集合
05-13
浏览器漏洞 来自Singular Security Lab的浏览器利用代码的集合。 目标:三星浏览器全链 版本:13.2.3.2(Chrome:83.0.4103.106) 拱门:ARM 目标:V8 版本:8.3.110.13 拱门:X86-64
HCIE-Security Lab+论述 战报
10-30
HCIE-Security Lab+论述 战报
WebSecurity
04-21
通过高级加密标准(AES)和安全断言标记语言(SAML)在Web上的安全性
华为HCIE-Security Lab培训视频教程【共6集】.rar
10-17
目录: 网盘文件永久连接 1-考试要求 1-考试要求.mp4 2-防火墙 2-防火墙.mp4 3-VPN 3-VPN.mp4 4-Agile Controller 4-Agile Controller.mp4 5-安全配置文件 5-安全配置文件.mp4 6-Feature 6-Feature.mp4
一些可供扫描测试的站点
sinat_35416215的博客
12-13 1914
http://testhtml5.vulnweb.com http://testphp.vulnweb.com http://testasp.vulnweb.com http://testaspnet.vulnweb.com
web安全相关网址
10-05 2969
原文:http://www.owasp.org/index.php/Phoenix/Tools LiveCDs Monday, January 29, 2007 4:02 PM 828569600 AOC_Labrat-ALPHA-0010.iso - http://www.pack...
LAMPSECURITY: CTF6 内网拿到root 20211226
32bin的博客
12-26 2782
LAMPSECURITY: CTF6 参考博客: https://blog.csdn.net/weixin_42652002/article/details/112132466?spm=1001.2101.3001.6650.2&utm_medium=distribute.pc_relevant.none-task-blog-2%7Edefault%7ECTRLIST%7Edefault-2.nonecase&depth_1-utm_source=distribute.pc_releva
web安全攻防演练网站 靶机 测试环境 收集
whatday的专栏
09-09 4227
http://demo.testfire.net http://testphp.vulnweb.com http://testasp.vulnweb.com http://testaspnet.vulnweb.com http://zero.webappsecurity.com http://crackme.cenzic.com http://www.webscantest.com ...
渗透测试攻防练习实验室 (资源分享,国外在线教程)
关注互联网安全的小虾米一枚
07-26 2万+
Vulnerable Web Applications Vulnerable Web Applications BadStore http://www.badstore.net/ BodgeIt Store http://code.google.com/p/bodgeit/ Butterfly Security Project ht
解决:Gitlab上出现“You won't be able to pull or push project code via SSH until you add an SSH key to you”
热门推荐
白清羽的博客
07-12 7万+
第一次使用Gitlab上的issues进行缺陷管理,在使用是出现You won't be able to pull or push project code via SSH until you add an SSH key to your profile (在您的配置文件中添加一个ssh密钥之前,您将无法通过ssh来拖动或推动项目代码): 解决办法:首先确保电脑上安装了git: 详细教程请...
transport layer security (tls) lab
03-16
Transport Layer Security(TLS)实验室是一个用于测试和研究TLS协议的环境。TLS是一种加密协议,用于保护网络通信的安全性。TLS实验室可以帮助开发人员和安全专家了解TLS协议的工作原理,测试TLS实现的安全性和性能...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值