Vulnerable by Design

最新推荐文章于 2024-09-02 07:44:17 发布
最新推荐文章于 2024-09-02 07:44:17 发布
阅读量3.1k 收藏
点赞数
文章标签: application security web testing download disk



2011-03-13

Vulnerable by Design

Pentest lab. "Hacker" training. Deliberately insecure applications challenge thingys.
Call it what you will, but what happens when you want to try out your new set of skills? Do you want to be compare results from a tool when it's used in different environments? What if you want to explore a system  (that is legal to do so!) that you have no knowledge about  (because you didn't set it up!)...
If any of that sounds helpful, below is a small collection of different environments, so if you want to go from "boot to root", "capture the flag" or just to dig around as much as you want to try out the odd thing here and there. These will allow you to do so and without getting in trouble for doing it!

The idea isn't to cheat, the aim is to learn a thing or two ;)

I'm sure there are a lot more out there, if you want to recommend any others - please so do! =)

'Complete' Operating System. The idea of going from boot to root via any which way you can. Most of them have multiple entry points (some are easier than others) so you can keep using it ;)  They are all Linux OS (either in ISO or VM form) with vulnerable/configured software installed. (If you haven't got any VM software,  VMware Player is free and will do the trick)

(Offline) Web based. Most of them you'll need to download, copy and load the files yourself on your own web server (if you haven't already got one,  xampp is great). A few of them are VM images that can be loaded in to Virtual machines as they come with all the software & settings needed.
(Online) Web based. Same as above, however if you don't want the hassle of setting it all up or to be able to do it where ever you have a Internet connection...

War Games (VPN).  These are computer break-in challenge, were you try and compete against other users. They are usually 'ranked' in which you collect points, over multiple levels to make your way onto a 'Hall Of Fame' (Top 10,25,50 or 100 Users). This all takes part on a separate private network, where you have to connect into it each time.
War Games (Web Based).  Same as above, however if you don't want the hassle of connecting every time you can compete using a web browse. 

Forensic.  The idea is to analysis event(s) to see if you can understand what either has been going or or happening currently. Some are complete disk images with scenarios, whereas some are 'single' exercises (e.g. 'Data Carving', 'Memory Dump Analysis' or 'Reserve Engineering').

Mobile Platforms. The same idea the subjects above, however these programs are designed for mobile use on smart phones. The increase of mobile phone usage is on the rise, along with smart phones. As more and more programs are being created for this platform, this makes the possibly of more 'poorly' coded programs and/or higher change of malware. These programs are meant to defend against these program 'defects'. 

Capture The Flag Competitions.  At various events, competitions are run to attack and defend computers and networks. Here is a list of resources which were used. 

Other collections & lists.  Other lists of different types of 'vulnerable' software
Other useful pages on the 'subject'.  'Helpful' information to look at. Worth a read! 




Complete Operating System
Name: Damn Vulnerable Linux
Homepagehttp://www.damnvulnerablelinux.org/
Brief descriptionDamn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.
Version/Levels: 1
Support/Walk-throughBrochure


Name: De-ICE
Homepagehttp://heorot.net/livecds/ or  http://www.de-ice.net
Brief descriptionThe PenTest LiveCDs are the creation of Thomas Wilhelm, who was transferred to a penetration test team at the company he worked for. Needing to learn as much about penetration testing as quickly as possible, Thomas began looking for both tools and targets. He found a number of tools, but no usable targets to practice against. Eventually, in an attempt to narrow the learning gap, Thomas created PenTest scenarios using LiveCDs. 
Version/LevelsLevel 1 - Disk 1Level 1 - Disk 2Level 1 - Disk 3 (A & B)  Level 2 - Disk 1
Support/Walk-throughForumsWiki,   Level 1 - Disk 1Level 1 - Disk 2Level 1 - Disk 3Level 2 - Disk 1


Name: Hackademic
Homepagehttp://ghostinthelab.wordpress.com/
Brief descriptionDownload the target and get root.After all, try to read the contents of the file “key.txt” in the root directory.
Version/Levels: 2 ( Box 1Box 2)
Support/Walk-through: N/A


Name: Holynix
Homepagehttp://pynstrom.net/holynix.php
Brief descriptionHolynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing.
Version/Levels: 2
Support/Walk-throughForumSourceForge


Name: Kioptrix
Homepagehttp://www.kioptrix.com
Brief descriptionThis Kioptrix VM Image are easy challenges. The object of the game is to acquire
root access via any means possible (except actually hacking the VM server or player).
The purpose of these games are to learn the basic tools and techniques in vulnerability
assessment and exploitation. There are more ways then one to successfully complete the challenges.
Version/Levels: 3
Support/Walk-throughBlogLevel 1 - mod_sslLevel 2 - InjectionLevel 3


Name: Metasploitable
Homepagehttp://blog.metasploit.com/2010/05/introducing-metasploitable.html
Brief descriptionOne of the questions that we often hear is "What systems can i use to test against?" Based on this, we thought it would be a good idea throw together an exploitable VM that you can use for testing purposes.
Version/Levels: 1
Support/Walk-throughBlogDistCCMySQLPostgreSQLTikiWikiTomCat 


Name: NcN 2011
Homepagehttp://noconname.org
Brief descriptionThis machine has several users, one for each level, so that exploiting the various challenges pose the participant will be changing and increasing user privileges. 
Version/Levels: 6 levels
Support/Walk-throughDownload ( Mirror),  Rules


Name: NETinVM
Homepagehttp://informatica.uv.es/~carlos/docencia/netinvm/#id7
Brief descriptionNETinVM is a single VMware virtual machine image that contains, ready to run, a series ofUser-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside theVMware virtual machine. Hence the name NETinVM, an acronym for NETwork in Virtual Machine. NETinVM has been conceived mainly as an educational tool for teaching and learning about operating systems, computer networks and system and network security, but other uses are certainly possible.
Version/Levels: 3 (2010-12-01)
Support/Walk-throughBlog


Name: pWnOS
Homepagehttp://forums.heorot.net/viewtopic.php?f=21&t=149
Brief descriptionIt's a linux virtual machine intentionally configured with exploitable services to provide you with a path to r00t. :) Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine. 
Version/Levels: 1
Support/Walk-throughForumsLevel 1


Name: RuCTFE 2010
Homepagehttp://ructf.org/e/2010/
Brief descriptionRuCTFE is a remote challenge in information security 
Version/Levels: 1
Support/Walk-throughNetwork Setup


(File)Name: vulnimage.zip
Homepagehttp://ds.mathematik.uni-marburg.de/~lbaumgaertner/vulnimage.zip
Brief descriptionNameless & No description!!!! 
Version/Levels: 1
Support/Walk-through: N/A



(Offline) Web Based
Name: BadStore
Homepagehttp://www.badstore.net/
Brief descriptionBadstore.net is dedicated to helping you understand how hackers prey on Web application vulnerabilities, and to showing you how to reduce your exposure. Our Badstore demonstration software is designed to show you common hacking techniques. 
Version/Levels: 1 (v1.2)
Support/Walk-throughPDF


Name: BodgeIT
Homepagehttps://code.google.com/p/bodgeit/
Brief descriptionThe BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing. 
Version/Levels: 1 (v1.3.0)


Name: Damn Vulnerable Web App
Homepagehttp://www.dvwa.co.uk/
Brief descriptionDamn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment. 
Version/Levels: 1 (v1.0.7)
Support/Walk-throughPDF


Name: HackUS HackFest Web CTF
Homepagehttp://hackus.org/en/media/training/  http://www.h3xstream.com/codeView.jspx?key=4001
Brief descriptionThe Hackfest is an annual event held in Quebec city. For each event, a competition is held where participants competed at solving challenges related to security. For the 2010 edition, I got involved in the competition by creating the web portion of the competition.
Version/Levels: 1 (2010)
Support/Walk-throughBlogSolutionnaire ( English)


Name: Hacme
Homepagehttp://www.mcafee.com/us/downloads/free-tools/index.aspx
Brief descriptionFoundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: 5 (2006)
Support/Walk-throughBankBookCasinoShippingTravel


Name: Hackxor
Homepagehttp://hackxor.sourceforge.net/cgi-bin/index.pl
Brief descriptionHackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc 
Version/Levels: 1
Support/Walk-throughOnline VersionCryptic spoiler-free hints


Name: LAMPSecurity
Homepagehttp://sourceforge.net/projects/lampsecurity/
Brief descriptionFoundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: v6 (4x)
Support/Walk-throughSourceForge


Name: Moth
Homepagehttp://www.bonsai-sec.com/en/research/moth.php
Brief descriptionMoth is a VMware image with a set of vulnerable Web Applications and scripts.
Version/Levels: v6  
Support/Walk-throughSourceForge


Name: Mutillidae
Homepagehttp://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
Brief descriptionMutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10
Version/Levels: v1.5 
Support/Walk-through: N/A


Name: OWASP Broken Web Applications Project
Homepagehttps://code.google.com/p/owaspbwa/  or https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
Brief descriptionThis project includes applications from various sources (listed in no particular order). 
Intentionally Vulnerable Applications: 
Old Versions of Real Applications: 
  • WordPress 2.0.0 (PHP, released December 31, 2005, downloaded from www.oldapps.com)
  • phpBB 2.0.0 (PHP, released April 4, 2002, downloaded from www.oldapps.com)
  • Yazd version 1.0 (Java, released February 20, 2002)
  • gtd-php version 0.7 (PHP, released September 30, 2006)
  • OrangeHRM version 2.4.2 (PHP, released May 7, 2009)
  • GetBoo version 1.04 (PHP, released April 7, 2008)
Version/Levels: v0.92rc1
Support/Walk-through: N/A


Name: OWASP Hackademic Challenges Project
Homepagehttps://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
Brief descriptionThe OWASP Hackademic Challenges Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment. 
Version/Levels1 (Live Version)
Support/Walk-throughGoogleCode (Download Offline Version)


Name: OWASP Insecure Web App Project
Homepagehttps://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project
Brief descriptionInsecureWebApp is a web application that includes common web application vulnerabilities. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling. 
Version/Levels: 1
Support/Walk-throughN/A


Name: OWASP Vicnum
Homepagehttp://vicnum.ciphertechs.com/
Brief descriptionA mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats  
Version/Levels: 1.4 (2009)
Support/Walk-throughSourceForge (Download Offline Version)


Name: OWASP WebGoat
Homepagehttp://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Brief descriptionWebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.
Version/Levels: 1 
Support/Walk-throughUser GuideGoogleCodeSourceForge


Name: PuzzleMall
Homepagehttps://code.google.com/p/puzzlemall/
Brief descriptionPuzzleMall is a vulnerable web application designed for training purposes.It is prone to a variety of different session puzzle exposures, which can be detected and exploited using different session puzzling sequences. 
Version/Levels: 1
Support/Walk-through: N/A


Name: SecuriBench
Homepagehttp://suif.stanford.edu/~livshits/securibench/
Brief descriptionStanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java 
Version/LevelsNormalMicro 
Support/Walk-through: N/A


Name: The ButterFly
Homepagehttp://sourceforge.net/projects/thebutterflytmp/
Brief descriptionThe ButterFly project is an educational environment intended to give aninsight into common web application and PHP vulnerabilities. The environment alsoincludes examples demonstrating how such vulnerabilities are mitigated. 
Version/Levels: 1
Support/Walk-through: N/A


Name: UltimateLAMP
Homepagehttp://ronaldbradford.com/blog/ultimatelamp-2006-05-19/
Brief descriptionUltimateLAMP is a fully functional environment allowing you to easily try and evaluate a number of LAMP stack software products without requiring any specific setup or configuration of these products. UltimateLAMP runs as a Virtual Machine with VMware Player (FREE). This demonstration package also enables the recording of all user entered information for later reference, indeed you will find a wealth of information already available within a number of the Product Recommendations starting with the supplied Documentation.
Version/Levels: v0.2
Support/Walk-throughPasswords


Name: Virtual Hacking Lab
Homepagehttp://virtualhacking.sourceforge.net/
Brief descriptionA mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats
Version/Levels: 1
Support/Walk-throughSourceForge


Name: WackoPicko
Homepagehttps://github.com/adamdoupe/WackoPicko
Brief descriptionWackoPicko is a vulnerable web application used to test web application vulnerability scanners.
Version/Levels: 1 
Support/Walk-through: N/A


Name: WAVSEP - Web Application Vulnerability Scanner Evaluation Project
Homepagehttps://code.google.com/p/wavsep/
Brief descriptionA vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. 
Version/Levels: 1 
Support/Walk-through: N/A





Name: WebMaven/Buggy Bank
Homepagehttp://www.mavensecurity.com/WebMaven/
Brief descriptionWebMaven (better known as Buggy Bank) was an interactive learning environment for web application security. It emulated various security flaws for the user to find. This enabled users to safely & legally practice web application vulnerability assessment techniques. In addition, users could benchmark their security audit tools to ensure they perform as advertised. 
Version/Levels: v1.0.1 
Support/Walk-throughDownload



Name: Web Security Dojo
Homepagehttp://www.mavensecurity.com/web_security_dojo/
Brief descriptionA free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo
Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v10.04.1, which is patched with the appropriate updates and VM additions for easy use.
Version 1.1 includes an exclusive speed-enhanced version of Burp Suite Free. Special thanks to PortSwigger .
Version/Levels: 1
Support/Walk-throughSourceForge



(Online) Web Based 
Name: Biscuit
Homepagehttp://heideri.ch/biscuit/
Brief descriptionGoal: alert(document.cookie) // extract the PHPSESSID, FF3.6 - 4 only!
Version/Levels: 1 
Support/Walk-through: N/A


Name: Gruyere / Jarlsberg
Homepagehttp://google-gruyere.appspot.com/
Brief descriptionThis codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application
Version/Levels: 1 (v1.0.7)
Support/Walk-throughPDF  Download offline



Name: HackThis
Homepagehttp://www.hackthis.co.uk/
Brief descriptionWelcome to HackThis!!, this site was set up over 2 years ago as a safe place for internet users to learn the art of hacking in a controlled environment, teaching the most common flaws in internet security.
Version/Levels: 32 (40?)
Support/Walk-through: N/A


Name: hACME
Homepagehttp://www.hacmegame.org/hacmegame/main/welcome.html
Brief descriptionhACME game is software security learning game, mainly concerning web applications. The game is intended to help raise awareness and interest in the subject of software security as well as train developers. The purpose of the game is not to train hackers, but to make future software developers aware of how important security is.
Version/Levels: Lots
Support/Walk-through: N/A


Name: Hackxor
Homepagehttp://hackxor.sourceforge.net/cgi-bin/index.pl
Brief descriptionHackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc 
Version/Levels: 1
Support/Walk-throughOnline Versioncryptic spoiler-free hints


Name: OWASP Hackademic Challenges Project
Homepagehttps://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
Brief descriptionThe OWASP Hackademic Challenges Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment. 
Version/Levels1 (Live Version)
Support/Walk-throughGoogleCode (Download Offline Version)


Name: OWASP Vicnum
Homepagehttp://vicnum.ciphertechs.com/
Brief descriptionA mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats  
Version/Levels: 1.4 (2009)
Support/Walk-throughSourceForge (Download Offline Version)


Name: PCTechTips - pwn3d the login form.
Homepagehttp://pctechtips.org/hacker-challenge-pwn3d-the-login-form/
Brief description:   I came up with this pwn3d zit3 login form challenge, to kind of expose one of the many web application vulnerabilities; it consists of a login form which authenticates against a mysql backend database to give authorized access to the members only part of the web site (you must become a member first—>”REGISTER”)
Version/Levels: 1
Support/Walk-through: N/A


Name: XSSMe
Homepagehttp://xssme.html5sec.org/
Brief descriptionFind a way to steal document.cookie w/o user interaction
Version/Levels: 1
Support/Walk-through: N/A


Name: XSS Me!
Homepagehttp://html5sec.org/xssme.php
Brief descriptionXSS ME! (vulnerable param: GET['xss'])
Version/Levels: 1
Support/Walk-through: N/A


Name: Can You XSS This?
Homepagehttp://canyouxssthis.com/HTMLSanitizer/
Brief descriptionXSS ME! (vulnerable param: GET['xss'])
Version/Levels: 1
Support/Walk-through: N/A


Name: Test x5s
Homepagehttp://www.nottrusted.com/x5s/ 
Brief descriptionThis will give you a small working example of how to use x5s to find encoding and transformation issues that can lead to XSS vulnerability.
Version/Levels: 1
Support/Walk-through: N/A


Name: XSS Progphp
Homepagehttp://xss.progphp.com/
Brief descriptionThis site has a number of XSS problems. See if you can find them all.
Version/Levels: 1
Support/Walk-through: N/A


Name: XSS Quiz
Homepagehttp://xss-quiz.int21h.jp
Brief descriptionXSS it.
Version/Levels: Lots
Support/Walk-through: N/A



WarGames (VPN)
Name: Hacking-Lab
Homepagehttp://www.hacking-lab.com/
Brief descriptionThis ist the LiveCD project of Hacking-Lab (www.hacking-lab.com). It gives you OpenVPN access into Hacking-Labs Remote Security Lab. The LiveCD iso image runs very good natively on a host OS, or within a virtual environment (VMware, VirtualBox).
The LiveCD gives you OpenVPN access into Hacking-Lab Remote.You will gain VPN access if both of the two pre-requirements are fulfilled. 
Version/Levels: 1 (v5.30)
Support/Walk-throughDownload


Name: OverTheWire
Homepagehttp://www.overthewire.org/wargames/
Brief descriptionThe wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of funfilled games. 
Levels: 7
Support/Walk-through: N/A


Name: pwn0
Homepagehttps://pwn0.com/home.php
Brief descriptionJust sign up, connect to the VPN, and start hacking. 
Levels:1
Support/Walk-through: N/A



WarGames (Web Based)
Name: HackThisSite
Homepagehttp://www.hackthissite.org/
Brief descriptionHack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything. Tune in to the hacker underground and get involved with the project.
Version/Levels: Lots
Support/Walk-through: N/A


Name: Enigma Group - Training Missions
Homepagehttp://www.enigmagroup.org/pages/basics/
Brief descriptionHave you ever wanted to learn how to hack? Are you more of a hands on learner, then one that can learn from just reading out of a book? Are you interested in developing secure code by understanding how a hacker will attack your application? If you answered "yes" to any of these questions, then this site is for you. 
Version/Levels: Lots 
Support/Walk-through: N/A


Name: HellBoundHackers
Homepagehttp://www.hellboundhackers.org/
Brief descriptionThe hands-on approach to computer security.Learn how hackers break in, and how to keep them out.
Levels: Lots
Support/Walk-through: N/A


Name: SmashTheStack
Homepagehttp://www.smashthestack.org
Brief descriptionThe Smash the Stack Wargaming Network hosts several Wargames. A Wargame in our context can be described as an ethical hacking environment that supports the simulation of real world software vulnerability theories or concepts and allows for the legal execution of exploitation techniques. Software can be an Operating System, network protocol, or any userland application. 
Levels: Lots
Support/Walk-through: N/A


Name: Wechall
Homepagehttps://www.wechall.net
Brief descriptionFor the people not familiar with challenge sites, a challenge site is mainly a site focussed on offering computer-related problems. Users can register at such a site and start solving challenges. There exist lots of different challenge types. The most common ones are the following: Cryptographic, Crackit, Steganography, Programming, Logic and Math/Science. The difficulty of these challenges vary as well.
Version/Levels: Lots
Support/Walk-through: N/A


Name: VulnerabilityAssessment
Homepagehttp://www.vulnerabilityassessment.co.uk
Brief descriptionHopefully a valuable information source for Vulnerability Analysts and Penetration Testers alike. 
Version/Levels: Lots
Support/Walk-through: N/A


Name: Net-Force
Homepagehttp://net-force.nl
Brief descriptionN/A
Version/Levels: Lots
Support/Walk-through: N/A


Name: Hack Quest
Homepagehttp://hackquest.com
Brief descriptionThis site offers a unique hack challenge especially for beginners and intermediates.
Version/Levels: Lots
Support/Walk-through: N/A



Forensic
Name: Binary-Auditing
Homepagehttp://www.binary-auditing.com/
Brief descriptionLearn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
Try to solve brain teasing puzzles with our collection of copy protection games. Increasing difficulty and unseen strange tricks.
Learn how to find and analyse software vulnerability. Dig inside Buffer Overflows and learn how exploits can be prevented.
Start to analyse your first viruses and malware the safe way. Learn about simple tricks and how viruses look like using real life examples.
Version/Levels: Lots
Support/Walk-through: N/A


Name: Digital Forensics Tool Testing Images
Homepagehttp://dftt.sourceforge.net/
Brief descriptionTo fill the gap between extensive tests from NIST and no public tests, I have been developing small test cases. The following are file system and disk images for testing digital (computer) forensic analysis and acquisition tools.
Version/Levels: 14
Support/Walk-through: N/A


Name: Digital Corpora - DiskImages & Scenarios
Homepagehttp://digitalcorpora.org/corpora/disk-images &  http://digitalcorpora.org/corpora/scenarios
Brief description:  We have many sources of disk images available for use in education and research. The easiest disk images to work with are the NPS Test Disk Images.   
Scenarios are collections of multiple disk images, memory dumps, network traffic, and/or data from portable devices.
Version/Levels: 3 + 7
Support/Walk-through: N/A


Name: DFRWS 2011 Forensics Challenge
Homepagehttp://www.dfrws.org/2011/challenge/
Brief descriptionGiven the variety and impending ubiquity of Android devices along with the wide range of crimes that can involve these systems as a source of evidence, the DFRWS has created two scenarios for the forensics challenge in 2011.
Version/Levels: 2
Support/Walk-through: N/A


Name: ForensicKB
Homepagehttp://www.forensickb.com/search/label/Forensic%20Practical
Brief descriptionWe have many sources of disk images available for use in education and research. The easiest disk images to work with are the NPS Test Disk Images. 
Version/LevelsLevel 1Level 2Level 3Level 4
Support/Walk-throughLevel 1 - Solution


Name: Honeynet Project Challenges
Homepagehttps://www.honeynet.org/challenges
Brief descriptionThe purpose of Honeynet Challenges is to take this learning one step farther. Instead of having the Honeynet Project analyze attacks and share their findings, Challenges give the security community the opportunity to analyze these attacks and share their findings. The end results is not only do individuals and organizations learn about threats, but how to learn and analyze them. Even better, individuals can see the write-ups from other individuals, learning new tools and technique for analyzing attacks. Best of all, these attacks are from the wild, real hacks.
Version/Levels: 8
Support/Walk-through: N/A


Name: SecuraLabs Challenge
Homepagehttp://www.securabit.com/
Brief descriptionPart 1 - What is the name of exploit kit being used in this pcap (not the verison, you may include the entire string on that line)?
Part 2 - the decryption key will be the main name of the exploit kit all in lower case without spaces, and without the version or anything else on that line in the file.
Part 3 - Submit a working key and serial. 
Version/Levels: Two ( OneTwo)
Support/Walk-through: N/A



Mobile Platforms
Name: ExploitMe
Homepagehttp://labs.securitycompass.com/tools/new-mobile-security-course-and-exploitme-mobile/
Brief descriptionIf your organization is working with mobile applications this course is a fantastic primer on how mobile apps can be hacked, and how your teams can defend against these software defects. 
Version/LevelsOne
Support/Walk-throughAndroidiPhone
Capture The Flag Competitions
Name: CSAW (Cyber Security Awareness Week) CTF
Homepagehttp://www.poly.edu/csaw2011
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A


Name: CodeGate 2011
Homepagehttp://www.codegate.org/Eng/
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite up


Name: Defcon 19
Homepagehttps://www.defcon.org
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A


Name: Hacklu
Homepagehttp://2011.hack.lu/index.php/Main_Page
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite Up


Name: ISEC CTF WarFare
Homepagehttp://isec2011.wowhacker.com
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A


Name: Plaid CTF
Homepagehttp://www.plaidctf.com
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite Ups



Name: RSSIL
Homepagehttp://www.rssil.org
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite Up

Name: Insomni'hack 2k11
Homepagehttps://blog.fortinet.com/insomnihack-2011/
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A



Other collections & lists
Practice Labs at Hacking Cisco -  http://packetlife.net/blog/2011/apr/15/practice-labs-hacking-cisco/

Vulnerable Web Applications for learning -  https://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning/

Pentesting Vulnerable Study Frameworks Complete List -  http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/

RSnake's Vulnerability Lab -  http://ha.ckers.org/weird/ 

Pentest lab vulnerable servers-applications list -  http://bailey.st/blog/2010/09/14/pentest-lab-vulnerable-servers-applications-list/




Other useful pages on the 'subject'
Blindly Installing VMs and Using Live CDs -  http://www.digininja.org/blog/untrusted_vms.php

How to set up a penetration testing lab -  http://www.metasploit.com/learn-more/how-do-i-use-it/test-lab.jsp

Run your LiveCD directly on Windows -  http://mobalivecd.mobatek.net/en/

 Capture The Flag Daemon -  http://sourceforge.net/projects/ctfd/


2011-03-13

Vulnerable by Design

Pentest lab. "Hacker" training. Deliberately insecure applications challenge thingys.
Call it what you will, but what happens when you want to try out your new set of skills? Do you want to be compare results from a tool when it's used in different environments? What if you want to explore a system  (that is legal to do so!) that you have no knowledge about  (because you didn't set it up!)...
If any of that sounds helpful, below is a small collection of different environments, so if you want to go from "boot to root", "capture the flag" or just to dig around as much as you want to try out the odd thing here and there. These will allow you to do so and without getting in trouble for doing it!

The idea isn't to cheat, the aim is to learn a thing or two ;)

I'm sure there are a lot more out there, if you want to recommend any others - please so do! =)

'Complete' Operating System. The idea of going from boot to root via any which way you can. Most of them have multiple entry points (some are easier than others) so you can keep using it ;)  They are all Linux OS (either in ISO or VM form) with vulnerable/configured software installed. (If you haven't got any VM software,  VMware Player is free and will do the trick)

(Offline) Web based. Most of them you'll need to download, copy and load the files yourself on your own web server (if you haven't already got one,  xampp is great). A few of them are VM images that can be loaded in to Virtual machines as they come with all the software & settings needed.
(Online) Web based. Same as above, however if you don't want the hassle of setting it all up or to be able to do it where ever you have a Internet connection...

War Games (VPN).  These are computer break-in challenge, were you try and compete against other users. They are usually 'ranked' in which you collect points, over multiple levels to make your way onto a 'Hall Of Fame' (Top 10,25,50 or 100 Users). This all takes part on a separate private network, where you have to connect into it each time.
War Games (Web Based).  Same as above, however if you don't want the hassle of connecting every time you can compete using a web browse. 

Forensic.  The idea is to analysis event(s) to see if you can understand what either has been going or or happening currently. Some are complete disk images with scenarios, whereas some are 'single' exercises (e.g. 'Data Carving', 'Memory Dump Analysis' or 'Reserve Engineering').

Mobile Platforms. The same idea the subjects above, however these programs are designed for mobile use on smart phones. The increase of mobile phone usage is on the rise, along with smart phones. As more and more programs are being created for this platform, this makes the possibly of more 'poorly' coded programs and/or higher change of malware. These programs are meant to defend against these program 'defects'. 

Capture The Flag Competitions.  At various events, competitions are run to attack and defend computers and networks. Here is a list of resources which were used. 

Other collections & lists.  Other lists of different types of 'vulnerable' software
Other useful pages on the 'subject'.  'Helpful' information to look at. Worth a read! 




Complete Operating System
Name: Damn Vulnerable Linux
Homepagehttp://www.damnvulnerablelinux.org/
Brief descriptionDamn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.
Version/Levels: 1
Support/Walk-throughBrochure


Name: De-ICE
Homepagehttp://heorot.net/livecds/ or  http://www.de-ice.net
Brief descriptionThe PenTest LiveCDs are the creation of Thomas Wilhelm, who was transferred to a penetration test team at the company he worked for. Needing to learn as much about penetration testing as quickly as possible, Thomas began looking for both tools and targets. He found a number of tools, but no usable targets to practice against. Eventually, in an attempt to narrow the learning gap, Thomas created PenTest scenarios using LiveCDs. 
Version/LevelsLevel 1 - Disk 1Level 1 - Disk 2Level 1 - Disk 3 (A & B)  Level 2 - Disk 1
Support/Walk-throughForumsWiki,   Level 1 - Disk 1Level 1 - Disk 2Level 1 - Disk 3Level 2 - Disk 1


Name: Hackademic
Homepagehttp://ghostinthelab.wordpress.com/
Brief descriptionDownload the target and get root.After all, try to read the contents of the file “key.txt” in the root directory.
Version/Levels: 2 ( Box 1Box 2)
Support/Walk-through: N/A


Name: Holynix
Homepagehttp://pynstrom.net/holynix.php
Brief descriptionHolynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing.
Version/Levels: 2
Support/Walk-throughForumSourceForge


Name: Kioptrix
Homepagehttp://www.kioptrix.com
Brief descriptionThis Kioptrix VM Image are easy challenges. The object of the game is to acquire
root access via any means possible (except actually hacking the VM server or player).
The purpose of these games are to learn the basic tools and techniques in vulnerability
assessment and exploitation. There are more ways then one to successfully complete the challenges.
Version/Levels: 3
Support/Walk-throughBlogLevel 1 - mod_sslLevel 2 - InjectionLevel 3


Name: Metasploitable
Homepagehttp://blog.metasploit.com/2010/05/introducing-metasploitable.html
Brief descriptionOne of the questions that we often hear is "What systems can i use to test against?" Based on this, we thought it would be a good idea throw together an exploitable VM that you can use for testing purposes.
Version/Levels: 1
Support/Walk-throughBlogDistCCMySQLPostgreSQLTikiWikiTomCat 


Name: NcN 2011
Homepagehttp://noconname.org
Brief descriptionThis machine has several users, one for each level, so that exploiting the various challenges pose the participant will be changing and increasing user privileges. 
Version/Levels: 6 levels
Support/Walk-throughDownload ( Mirror),  Rules


Name: NETinVM
Homepagehttp://informatica.uv.es/~carlos/docencia/netinvm/#id7
Brief descriptionNETinVM is a single VMware virtual machine image that contains, ready to run, a series ofUser-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside theVMware virtual machine. Hence the name NETinVM, an acronym for NETwork in Virtual Machine. NETinVM has been conceived mainly as an educational tool for teaching and learning about operating systems, computer networks and system and network security, but other uses are certainly possible.
Version/Levels: 3 (2010-12-01)
Support/Walk-throughBlog


Name: pWnOS
Homepagehttp://forums.heorot.net/viewtopic.php?f=21&t=149
Brief descriptionIt's a linux virtual machine intentionally configured with exploitable services to provide you with a path to r00t. :) Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine. 
Version/Levels: 1
Support/Walk-throughForumsLevel 1


Name: RuCTFE 2010
Homepagehttp://ructf.org/e/2010/
Brief descriptionRuCTFE is a remote challenge in information security 
Version/Levels: 1
Support/Walk-throughNetwork Setup


(File)Name: vulnimage.zip
Homepagehttp://ds.mathematik.uni-marburg.de/~lbaumgaertner/vulnimage.zip
Brief descriptionNameless & No description!!!! 
Version/Levels: 1
Support/Walk-through: N/A



(Offline) Web Based
Name: BadStore
Homepagehttp://www.badstore.net/
Brief descriptionBadstore.net is dedicated to helping you understand how hackers prey on Web application vulnerabilities, and to showing you how to reduce your exposure. Our Badstore demonstration software is designed to show you common hacking techniques. 
Version/Levels: 1 (v1.2)
Support/Walk-throughPDF


Name: BodgeIT
Homepagehttps://code.google.com/p/bodgeit/
Brief descriptionThe BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing. 
Version/Levels: 1 (v1.3.0)


Name: Damn Vulnerable Web App
Homepagehttp://www.dvwa.co.uk/
Brief descriptionDamn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, help web developers better understand the processes of securing web applications and aid teachers/students to teach/learn web application security in a class room environment. 
Version/Levels: 1 (v1.0.7)
Support/Walk-throughPDF


Name: HackUS HackFest Web CTF
Homepagehttp://hackus.org/en/media/training/  http://www.h3xstream.com/codeView.jspx?key=4001
Brief descriptionThe Hackfest is an annual event held in Quebec city. For each event, a competition is held where participants competed at solving challenges related to security. For the 2010 edition, I got involved in the competition by creating the web portion of the competition.
Version/Levels: 1 (2010)
Support/Walk-throughBlogSolutionnaire ( English)


Name: Hacme
Homepagehttp://www.mcafee.com/us/downloads/free-tools/index.aspx
Brief descriptionFoundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: 5 (2006)
Support/Walk-throughBankBookCasinoShippingTravel


Name: Hackxor
Homepagehttp://hackxor.sourceforge.net/cgi-bin/index.pl
Brief descriptionHackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc 
Version/Levels: 1
Support/Walk-throughOnline VersionCryptic spoiler-free hints


Name: LAMPSecurity
Homepagehttp://sourceforge.net/projects/lampsecurity/
Brief descriptionFoundstone Hacme Casino™ is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.
Version/Levels: v6 (4x)
Support/Walk-throughSourceForge


Name: Moth
Homepagehttp://www.bonsai-sec.com/en/research/moth.php
Brief descriptionMoth is a VMware image with a set of vulnerable Web Applications and scripts.
Version/Levels: v6  
Support/Walk-throughSourceForge


Name: Mutillidae
Homepagehttp://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
Brief descriptionMutillidae: A Deliberately Vulnerable Set Of PHP Scripts That Implement The OWASP Top 10
Version/Levels: v1.5 
Support/Walk-through: N/A


Name: OWASP Broken Web Applications Project
Homepagehttps://code.google.com/p/owaspbwa/  or https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project
Brief descriptionThis project includes applications from various sources (listed in no particular order). 
Intentionally Vulnerable Applications: 
Old Versions of Real Applications: 
  • WordPress 2.0.0 (PHP, released December 31, 2005, downloaded from www.oldapps.com)
  • phpBB 2.0.0 (PHP, released April 4, 2002, downloaded from www.oldapps.com)
  • Yazd version 1.0 (Java, released February 20, 2002)
  • gtd-php version 0.7 (PHP, released September 30, 2006)
  • OrangeHRM version 2.4.2 (PHP, released May 7, 2009)
  • GetBoo version 1.04 (PHP, released April 7, 2008)
Version/Levels: v0.92rc1
Support/Walk-through: N/A


Name: OWASP Hackademic Challenges Project
Homepagehttps://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
Brief descriptionThe OWASP Hackademic Challenges Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment. 
Version/Levels1 (Live Version)
Support/Walk-throughGoogleCode (Download Offline Version)


Name: OWASP Insecure Web App Project
Homepagehttps://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project
Brief descriptionInsecureWebApp is a web application that includes common web application vulnerabilities. It is a target for automated and manual penetration testing, source code analysis, vulnerability assessments and threat modeling. 
Version/Levels: 1
Support/Walk-throughN/A


Name: OWASP Vicnum
Homepagehttp://vicnum.ciphertechs.com/
Brief descriptionA mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats  
Version/Levels: 1.4 (2009)
Support/Walk-throughSourceForge (Download Offline Version)


Name: OWASP WebGoat
Homepagehttp://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Brief descriptionWebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application.
Version/Levels: 1 
Support/Walk-throughUser GuideGoogleCodeSourceForge


Name: PuzzleMall
Homepagehttps://code.google.com/p/puzzlemall/
Brief descriptionPuzzleMall is a vulnerable web application designed for training purposes.It is prone to a variety of different session puzzle exposures, which can be detected and exploited using different session puzzling sequences. 
Version/Levels: 1
Support/Walk-through: N/A


Name: SecuriBench
Homepagehttp://suif.stanford.edu/~livshits/securibench/
Brief descriptionStanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java 
Version/LevelsNormalMicro 
Support/Walk-through: N/A


Name: The ButterFly
Homepagehttp://sourceforge.net/projects/thebutterflytmp/
Brief descriptionThe ButterFly project is an educational environment intended to give aninsight into common web application and PHP vulnerabilities. The environment alsoincludes examples demonstrating how such vulnerabilities are mitigated. 
Version/Levels: 1
Support/Walk-through: N/A


Name: UltimateLAMP
Homepagehttp://ronaldbradford.com/blog/ultimatelamp-2006-05-19/
Brief descriptionUltimateLAMP is a fully functional environment allowing you to easily try and evaluate a number of LAMP stack software products without requiring any specific setup or configuration of these products. UltimateLAMP runs as a Virtual Machine with VMware Player (FREE). This demonstration package also enables the recording of all user entered information for later reference, indeed you will find a wealth of information already available within a number of the Product Recommendations starting with the supplied Documentation.
Version/Levels: v0.2
Support/Walk-throughPasswords


Name: Virtual Hacking Lab
Homepagehttp://virtualhacking.sourceforge.net/
Brief descriptionA mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats
Version/Levels: 1
Support/Walk-throughSourceForge


Name: WackoPicko
Homepagehttps://github.com/adamdoupe/WackoPicko
Brief descriptionWackoPicko is a vulnerable web application used to test web application vulnerability scanners.
Version/Levels: 1 
Support/Walk-through: N/A


Name: WAVSEP - Web Application Vulnerability Scanner Evaluation Project
Homepagehttps://code.google.com/p/wavsep/
Brief descriptionA vulnerable web application designed to help assessing the features, quality and accuracy of web application vulnerability scanners.This evaluation platform contains a collection of unique vulnerable web pages that can be used to test the various properties of web application scanners. 
Version/Levels: 1 
Support/Walk-through: N/A





Name: WebMaven/Buggy Bank
Homepagehttp://www.mavensecurity.com/WebMaven/
Brief descriptionWebMaven (better known as Buggy Bank) was an interactive learning environment for web application security. It emulated various security flaws for the user to find. This enabled users to safely & legally practice web application vulnerability assessment techniques. In addition, users could benchmark their security audit tools to ensure they perform as advertised. 
Version/Levels: v1.0.1 
Support/Walk-throughDownload



Name: Web Security Dojo
Homepagehttp://www.mavensecurity.com/web_security_dojo/
Brief descriptionA free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo
Various web application security testing tools and vulnerable web applications were added to a clean install of Ubuntu v10.04.1, which is patched with the appropriate updates and VM additions for easy use.
Version 1.1 includes an exclusive speed-enhanced version of Burp Suite Free. Special thanks to PortSwigger .
Version/Levels: 1
Support/Walk-throughSourceForge



(Online) Web Based 
Name: Biscuit
Homepagehttp://heideri.ch/biscuit/
Brief descriptionGoal: alert(document.cookie) // extract the PHPSESSID, FF3.6 - 4 only!
Version/Levels: 1 
Support/Walk-through: N/A


Name: Gruyere / Jarlsberg
Homepagehttp://google-gruyere.appspot.com/
Brief descriptionThis codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks. The best way to learn things is by doing, so you'll get a chance to do some real penetration testing, actually exploiting a real application
Version/Levels: 1 (v1.0.7)
Support/Walk-throughPDF  Download offline



Name: HackThis
Homepagehttp://www.hackthis.co.uk/
Brief descriptionWelcome to HackThis!!, this site was set up over 2 years ago as a safe place for internet users to learn the art of hacking in a controlled environment, teaching the most common flaws in internet security.
Version/Levels: 32 (40?)
Support/Walk-through: N/A


Name: hACME
Homepagehttp://www.hacmegame.org/hacmegame/main/welcome.html
Brief descriptionhACME game is software security learning game, mainly concerning web applications. The game is intended to help raise awareness and interest in the subject of software security as well as train developers. The purpose of the game is not to train hackers, but to make future software developers aware of how important security is.
Version/Levels: Lots
Support/Walk-through: N/A


Name: Hackxor
Homepagehttp://hackxor.sourceforge.net/cgi-bin/index.pl
Brief descriptionHackxor is a webapp hacking game where players must locate and exploit vulnerabilities to progress through the story. Think WebGoat but with a plot and a focus on realism&difficulty. Contains XSS, CSRF, SQLi, ReDoS, DOR, command injection, etc 
Version/Levels: 1
Support/Walk-throughOnline Versioncryptic spoiler-free hints


Name: OWASP Hackademic Challenges Project
Homepagehttps://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
Brief descriptionThe OWASP Hackademic Challenges Project is an open source project that helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controlable and safe environment. 
Version/Levels1 (Live Version)
Support/Walk-throughGoogleCode (Download Offline Version)


Name: OWASP Vicnum
Homepagehttp://vicnum.ciphertechs.com/
Brief descriptionA mirror of deliberately insecure applications and old softwares with known vulnerabilities. Used for proof-of-concept /security training/learning purposes. Available in either virtual images or live iso or standalone formats  
Version/Levels: 1.4 (2009)
Support/Walk-throughSourceForge (Download Offline Version)


Name: PCTechTips - pwn3d the login form.
Homepagehttp://pctechtips.org/hacker-challenge-pwn3d-the-login-form/
Brief description:   I came up with this pwn3d zit3 login form challenge, to kind of expose one of the many web application vulnerabilities; it consists of a login form which authenticates against a mysql backend database to give authorized access to the members only part of the web site (you must become a member first—>”REGISTER”)
Version/Levels: 1
Support/Walk-through: N/A


Name: XSSMe
Homepagehttp://xssme.html5sec.org/
Brief descriptionFind a way to steal document.cookie w/o user interaction
Version/Levels: 1
Support/Walk-through: N/A


Name: XSS Me!
Homepagehttp://html5sec.org/xssme.php
Brief descriptionXSS ME! (vulnerable param: GET['xss'])
Version/Levels: 1
Support/Walk-through: N/A


Name: Can You XSS This?
Homepagehttp://canyouxssthis.com/HTMLSanitizer/
Brief descriptionXSS ME! (vulnerable param: GET['xss'])
Version/Levels: 1
Support/Walk-through: N/A


Name: Test x5s
Homepagehttp://www.nottrusted.com/x5s/ 
Brief descriptionThis will give you a small working example of how to use x5s to find encoding and transformation issues that can lead to XSS vulnerability.
Version/Levels: 1
Support/Walk-through: N/A


Name: XSS Progphp
Homepagehttp://xss.progphp.com/
Brief descriptionThis site has a number of XSS problems. See if you can find them all.
Version/Levels: 1
Support/Walk-through: N/A


Name: XSS Quiz
Homepagehttp://xss-quiz.int21h.jp
Brief descriptionXSS it.
Version/Levels: Lots
Support/Walk-through: N/A



WarGames (VPN)
Name: Hacking-Lab
Homepagehttp://www.hacking-lab.com/
Brief descriptionThis ist the LiveCD project of Hacking-Lab (www.hacking-lab.com). It gives you OpenVPN access into Hacking-Labs Remote Security Lab. The LiveCD iso image runs very good natively on a host OS, or within a virtual environment (VMware, VirtualBox).
The LiveCD gives you OpenVPN access into Hacking-Lab Remote.You will gain VPN access if both of the two pre-requirements are fulfilled. 
Version/Levels: 1 (v5.30)
Support/Walk-throughDownload


Name: OverTheWire
Homepagehttp://www.overthewire.org/wargames/
Brief descriptionThe wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of funfilled games. 
Levels: 7
Support/Walk-through: N/A


Name: pwn0
Homepagehttps://pwn0.com/home.php
Brief descriptionJust sign up, connect to the VPN, and start hacking. 
Levels:1
Support/Walk-through: N/A



WarGames (Web Based)
Name: HackThisSite
Homepagehttp://www.hackthissite.org/
Brief descriptionHack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills. More than just another hacker wargames site, we are a living, breathing community with many active projects in development, with a vast selection of hacking articles and a huge forum where users can discuss hacking, network security, and just about everything. Tune in to the hacker underground and get involved with the project.
Version/Levels: Lots
Support/Walk-through: N/A


Name: Enigma Group - Training Missions
Homepagehttp://www.enigmagroup.org/pages/basics/
Brief descriptionHave you ever wanted to learn how to hack? Are you more of a hands on learner, then one that can learn from just reading out of a book? Are you interested in developing secure code by understanding how a hacker will attack your application? If you answered "yes" to any of these questions, then this site is for you. 
Version/Levels: Lots 
Support/Walk-through: N/A


Name: HellBoundHackers
Homepagehttp://www.hellboundhackers.org/
Brief descriptionThe hands-on approach to computer security.Learn how hackers break in, and how to keep them out.
Levels: Lots
Support/Walk-through: N/A


Name: SmashTheStack
Homepagehttp://www.smashthestack.org
Brief descriptionThe Smash the Stack Wargaming Network hosts several Wargames. A Wargame in our context can be described as an ethical hacking environment that supports the simulation of real world software vulnerability theories or concepts and allows for the legal execution of exploitation techniques. Software can be an Operating System, network protocol, or any userland application. 
Levels: Lots
Support/Walk-through: N/A


Name: Wechall
Homepagehttps://www.wechall.net
Brief descriptionFor the people not familiar with challenge sites, a challenge site is mainly a site focussed on offering computer-related problems. Users can register at such a site and start solving challenges. There exist lots of different challenge types. The most common ones are the following: Cryptographic, Crackit, Steganography, Programming, Logic and Math/Science. The difficulty of these challenges vary as well.
Version/Levels: Lots
Support/Walk-through: N/A


Name: VulnerabilityAssessment
Homepagehttp://www.vulnerabilityassessment.co.uk
Brief descriptionHopefully a valuable information source for Vulnerability Analysts and Penetration Testers alike. 
Version/Levels: Lots
Support/Walk-through: N/A


Name: Net-Force
Homepagehttp://net-force.nl
Brief descriptionN/A
Version/Levels: Lots
Support/Walk-through: N/A


Name: Hack Quest
Homepagehttp://hackquest.com
Brief descriptionThis site offers a unique hack challenge especially for beginners and intermediates.
Version/Levels: Lots
Support/Walk-through: N/A



Forensic
Name: Binary-Auditing
Homepagehttp://www.binary-auditing.com/
Brief descriptionLearn the fundamentals of Binary Auditing. Know how HLL mapping works, get more inner file understanding than ever.
Try to solve brain teasing puzzles with our collection of copy protection games. Increasing difficulty and unseen strange tricks.
Learn how to find and analyse software vulnerability. Dig inside Buffer Overflows and learn how exploits can be prevented.
Start to analyse your first viruses and malware the safe way. Learn about simple tricks and how viruses look like using real life examples.
Version/Levels: Lots
Support/Walk-through: N/A


Name: Digital Forensics Tool Testing Images
Homepagehttp://dftt.sourceforge.net/
Brief descriptionTo fill the gap between extensive tests from NIST and no public tests, I have been developing small test cases. The following are file system and disk images for testing digital (computer) forensic analysis and acquisition tools.
Version/Levels: 14
Support/Walk-through: N/A


Name: Digital Corpora - DiskImages & Scenarios
Homepagehttp://digitalcorpora.org/corpora/disk-images &  http://digitalcorpora.org/corpora/scenarios
Brief description:  We have many sources of disk images available for use in education and research. The easiest disk images to work with are the NPS Test Disk Images.   
Scenarios are collections of multiple disk images, memory dumps, network traffic, and/or data from portable devices.
Version/Levels: 3 + 7
Support/Walk-through: N/A


Name: DFRWS 2011 Forensics Challenge
Homepagehttp://www.dfrws.org/2011/challenge/
Brief descriptionGiven the variety and impending ubiquity of Android devices along with the wide range of crimes that can involve these systems as a source of evidence, the DFRWS has created two scenarios for the forensics challenge in 2011.
Version/Levels: 2
Support/Walk-through: N/A


Name: ForensicKB
Homepagehttp://www.forensickb.com/search/label/Forensic%20Practical
Brief descriptionWe have many sources of disk images available for use in education and research. The easiest disk images to work with are the NPS Test Disk Images. 
Version/LevelsLevel 1Level 2Level 3Level 4
Support/Walk-throughLevel 1 - Solution


Name: Honeynet Project Challenges
Homepagehttps://www.honeynet.org/challenges
Brief descriptionThe purpose of Honeynet Challenges is to take this learning one step farther. Instead of having the Honeynet Project analyze attacks and share their findings, Challenges give the security community the opportunity to analyze these attacks and share their findings. The end results is not only do individuals and organizations learn about threats, but how to learn and analyze them. Even better, individuals can see the write-ups from other individuals, learning new tools and technique for analyzing attacks. Best of all, these attacks are from the wild, real hacks.
Version/Levels: 8
Support/Walk-through: N/A


Name: SecuraLabs Challenge
Homepagehttp://www.securabit.com/
Brief descriptionPart 1 - What is the name of exploit kit being used in this pcap (not the verison, you may include the entire string on that line)?
Part 2 - the decryption key will be the main name of the exploit kit all in lower case without spaces, and without the version or anything else on that line in the file.
Part 3 - Submit a working key and serial. 
Version/Levels: Two ( OneTwo)
Support/Walk-through: N/A



Mobile Platforms
Name: ExploitMe
Homepagehttp://labs.securitycompass.com/tools/new-mobile-security-course-and-exploitme-mobile/
Brief descriptionIf your organization is working with mobile applications this course is a fantastic primer on how mobile apps can be hacked, and how your teams can defend against these software defects. 
Version/LevelsOne
Support/Walk-throughAndroidiPhone
Capture The Flag Competitions
Name: CSAW (Cyber Security Awareness Week) CTF
Homepagehttp://www.poly.edu/csaw2011
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A


Name: CodeGate 2011
Homepagehttp://www.codegate.org/Eng/
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite up


Name: Defcon 19
Homepagehttps://www.defcon.org
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A


Name: Hacklu
Homepagehttp://2011.hack.lu/index.php/Main_Page
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite Up


Name: ISEC CTF WarFare
Homepagehttp://isec2011.wowhacker.com
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A


Name: Plaid CTF
Homepagehttp://www.plaidctf.com
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite Ups



Name: RSSIL
Homepagehttp://www.rssil.org
Brief description: N/A
Version/Levels2011
Support/Walk-throughWrite Up

Name: Insomni'hack 2k11
Homepagehttps://blog.fortinet.com/insomnihack-2011/
Brief description: N/A
Version/Levels2011
Support/Walk-through: N/A



Other collections & lists
Practice Labs at Hacking Cisco -  http://packetlife.net/blog/2011/apr/15/practice-labs-hacking-cisco/

Vulnerable Web Applications for learning -  https://securitythoughts.wordpress.com/2010/03/22/vulnerable-web-applications-for-learning/

Pentesting Vulnerable Study Frameworks Complete List -  http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/

RSnake's Vulnerability Lab -  http://ha.ckers.org/weird/ 

Pentest lab vulnerable servers-applications list -  http://bailey.st/blog/2010/09/14/pentest-lab-vulnerable-servers-applications-list/




Other useful pages on the 'subject'
Blindly Installing VMs and Using Live CDs -  http://www.digininja.org/blog/untrusted_vms.php

How to set up a penetration testing lab -  http://www.metasploit.com/learn-more/how-do-i-use-it/test-lab.jsp

Run your LiveCD directly on Windows -  http://mobalivecd.mobatek.net/en/

 Capture The Flag Daemon -  http://sourceforge.net/projects/ctfd/


whyrun
关注
bodgeit:BodgeIt Store是一个易受攻击的Web应用程序,当前针对的是笔测试新手
05-01
BodgeIt Store是一个易受攻击的Web应用程序,当前针对的是笔测试新手。 请注意,BodgeIt商店已不再使用 强烈建议您改用! 请注意,BodgeIt Store现在可以作为Docker映像使用: ://hub.docker.com/r/psiinon/bodgeit/ 它的一些特性和特征: 易于安装-仅需要Java和servlet引擎,例如Tomcat 自我包含(除了上面一行中的2之外,没有其他依赖项) 易于即时更改-所有功能都在JSP中实现,因此不需要IDE 跨平台 开源的 无需安装和配置单独的数据库-它使用在启动时自动(重新)初始化的“内存中”数据库 您需要做的就是下载并打开zip文件,然后将war文件解压缩到您喜欢的servlet引擎的webapps目录中。 然后将您的浏览器指向(例如) 您可能会发现使用笔测试工具查找漏洞更容易。 如果您没有喜欢的
渗透测试攻防练习实验室 (资源分享,国外在线教程)
热门推荐
关注互联网安全的小虾米一枚
07-26 2万+
Vulnerable Web Applications Vulnerable Web Applications BadStore http://www.badstore.net/ BodgeIt Store http://code.google.com/p/bodgeit/ Butterfly Security Project ht
JavaVulnerableLab 项目教程
最新发布
gitblog_01050的博客
09-02 663
JavaVulnerableLab 项目教程 JavaVulnerableLabVulnerable Java based Web Application项目地址:https://gitcode.com/gh_mirrors/ja/JavaVulnerableLab 1、项目介绍 JavaVulnerableLab 是一个基于 Java 的易受攻击的 Web 应用程序,由 Cyber Secur...
Kali(Docker)之 BodgeIt 靶场实战
single_g_l的博客
01-06 4463
目录 一、进入BodgeIt 主页面 1、启动BodgeIt 靶场 2、查看dockerfile文件,根据提示执行命令 3、访问http://127.0.0.1:8080/bodgeit 进入bodgelt 页面 二、BodgeIt实战----- 1、利用注入漏洞万能密码登录账号 2、XSS漏洞(反射型XSS和存储型XSS) 3、越权漏洞 4、CSRF漏洞 一、进入BodgeIt 主页面 1、启动BodgeIt 靶场 cd vulstudy/BodgeIt 2、查看..
bodgeito通关教程
玄道的网安博客
05-06 2005
首先给上我们的页面 我们来到搜索处输入<script> alert(/xss/)</script> 发现xss 让我们看看源码啊,获取q之后没有过滤xss代码就输出出来了 还有个存储xss在留言板处构造 <scri<script>pt> alert(/xss/)</sc</script>ript> ...
靶场地址及一些设置技巧
lm19770429的专栏
09-09 1041
在搜索时意外发现,因为想搜索Subgraph Vega输入了Vega,发现了vulnhub https://www.vulnhub.com/可以下载靶机。 JIS-CTF题目描述 靶场题目:JIS-CTF: VulnUpload 靶场地址:https://www.vulnhub.com/entry/jis-ctf-vulnupload,228/ 难度描述:包含5个Flag,初级难度,查找所有Flag平均需要1.5小时 靶场作者:Mohammad Khreesha 靶场描述:Descriptio
Java Vulnerable Lab
07-05
java程序可使用的漏洞靶场包
maven-vulnerable-app
03-19
【maven-vulnerable-app】是一个开源项目,主要目的是为了演示和学习Maven构建的应用程序中常见的安全漏洞。这个项目对于开发者、安全工程师以及热衷于软件安全的人来说具有很高的教育价值。通过研究和分析这个项目...
DIVA(Damn insecure and vulnerable App)
09-22
DIVA(Damn insecure and vulnerable App)是一个故意设计的存在很多漏洞的Android app,目的是为了让开发、安全工程师、QA等了解Android app常见的一些安全问题,类似dvwa,也可以把它当成一个漏洞演练系统。
Damn Vulnerable Web Application (DVWA)
07-12
Damn Vulnerable Web Application (DVWA)(译注:可以直译为:"该死的"不安全Web应用网站),是一个编码糟糕的、易受攻击的 PHP/MySQL Web应用程序。 它的主要目的是帮助安全专业人员在合法的环境中,测试他们的技能和...
vulnerable-hello-world
04-27
该项目是通过引导的。 您将在下面找到一些有关如何执行常见任务的信息。 您可以在找到本指南的最新版本。 目录 自动格式化代码 更改页面<title> 安装依赖项 导入组件 代码分割 添加样式表 ...met
CxFlowGithub
02-19
BodgeIt商店是一个易受攻击的Web应用程序,当前针对的是笔测试新手。 请注意,BodgeIt商店已不再使用 强烈建议您改用! 请注意,BodgeIt Store现在可以作为Docker映像使用: ://hub.docker.com/r/psiinon/bodgeit/ 它的一些特性和特征: 易于安装-仅需要Java和servlet引擎,例如Tomcat 自我包含(除了上面一行中的2之外,没有其他依赖项) 易于即时更改-所有功能都在JSP中实现,因此不需要IDE 跨平台 开源的 无需安装和配置单独的数据库-它使用在启动时自动(重新)初始化的“内存中”数据库 您需要做的就是下载并打开zip文件,然后将war文件解压缩到您喜欢的servlet引擎的webapps目录中。 然后将您的浏览器指向(例如) 您可能会发现使用笔测试工具更容易找到漏洞。 如果您没有喜欢的人,我建
SSRF_Vulnerable_Lab:本实验包含易受服务器端请求伪造攻击的示例代码
05-12
服务器端请求伪造(SSRF)易受攻击的实验室 该存储库包含容易受到服务器端请求伪造(SSRF)攻击PHP代码。 我想对@ albinowax,AKReddy,Vivek Sir(感谢一直以来支持我的杰出人物),Andrew Sir-@vanderaj(感谢他的鼓励)以及在DNS重新绑定攻击基础上共同努力的研究人员说谢谢 脆弱代码旨在针对以下5种情况演示SSRF: 1.提取并显示指定文件内容的应用程序代码 在编程语言中,有一些函数可以获取本地保存文件的内容。 这些功能可能能够从远程URL以及本地文件(例如PHP中的file_get_contents)中获取内容。 如果应用程序未在用户提供的数据之前添加任何字符串以从文件中获取内容,即应用程序未在提供用户提供的数据的目录名或路径,则该功能可能会被滥用。 在这种情况下,这些数据获取功能可以处理“ http://”或“ file://”之
Java Vulnerable Lab - Pentesting Lab:故意易受攻击的 Web 应用程序-开源
05-30
这是由网络安全和隐私基金会 (www.cysecurity.org) 为 Java 程序员开发的易受攻击的 Web 应用程序有关 Hacking and Securing Web Java Programs 的完整课程可在 https://www.udemy.com/hacking-securing -java-web-programming/ WAR 文件:---------- https://sourceforge.net/projects/javavulnerablelab/files/latest/JavaVulnerableLab.war/download Virtualbox VM 文件:----- --------------------- http://sourceforge.net/projects/javavulnerablelab/files/v0.1/JavaVulnerableLab.ova/download 虚拟机的凭据:- --------------- 用户名:root 密码:cspf 独立文件:(直接运行Jar文件)--------- ----- ht
JavaVulnerableLab6
03-28
这是由网络安全和隐私基金会( )开发的“易受攻击” Web应用程序。 该应用程序供Java程序员和其他希望了解Web应用程序漏洞并编写安全代码的人使用。 现在,可以在Github上免费获得完整的课程内容: 可以在以下网站上获得有关“黑客和保护Web Java程序安全”的完整课程: 警告:请勿在您的主机或在线服务器中运行此应用程序。 将其安装在Vitual Machine中。 如何使用/设置? 方法1.超级非常简单的方法:Docker使用Java Vulnerable的最简单方法是使用Docker,它通过1个命令行为您设置了所有内容 脚步: 1. Install Docker: https://docs.docker.com/engine/installation/ 2. Install docker-compose: https://docs.docker.com/comp
metasploit——How To Set Up A Penetration Testing Lab
张同光 (Tongguang Zhang):Hello everyone !
02-01 440
https://community.rapid7.com/docs/DOC-2196 If you don’t have access to a live test environment or cannot find systems to run penetration tests against, you will to need to learn how to
bodgeit测试平台
08-11 354
下载war安装包:https://code.google.com/archive/p/bodgeit/downloads http://resources.infosecinstitute.com/the-bodgeit-store-part-1-1/ 转载于:https://www.cnblogs.com/xiaozi/p/5759668.html...
6 个合法学习黑客技术网站,不用担心查水表!
ZL_1618的博客
03-11 1131
如果你想了解更多关于以前黑客是如何攻击和修补漏洞的,那这个网站就是为你准备的,你还可以下载上面的杂志,这些杂志涵盖了过去十几年里世界上最大规模的网络攻击。如果你想了解更多关于以前黑客是如何攻击和修补漏洞的,那这个网站就是为你准备的,你还可以下载上面的杂志,这些杂志涵盖了过去十几年里世界上最大规模的网络攻击。该网站专注于安全和道德黑客,实际上由四个主要的子域名组成,每个子域名都有一个特定的目的,即为世界各地的黑客服务。以上介绍分享的网站,均为外网,其所提供的资源纯属教育用途,不能用于任何违反法律用途。
Vulnerable API usage
01-05
Vulnerable API usage是指在应用程序中使用存在安全漏洞的API。这些漏洞可能会被攻击者利用,以执行恶意操作或导致应用程序以意外的方式运行。其中一种可能的动机是通过传递任意大的输入来使应用程序崩溃或变得不稳定。另一种可能的动机是修改应用程序的状态,例如通过向后续属性中插入无效数据来破坏应用程序的正常运行。 一个常见的漏洞是缓冲区溢出,它发生在应用程序试图将超过缓冲区容量的数据写入缓冲区时。这可能导致覆盖相邻内存区域的数据,从而导致应用程序崩溃或执行恶意代码。 另一个常见的漏洞是任意代码执行,它发生在应用程序在执行时允许攻击者执行任意代码。这可能会导致攻击者获取系统权限或执行其他恶意操作。 为了防止Vulnerable API usage,开发人员应该遵循安全最佳实践,例如验证输入的长度和内容,使用安全的API替代不安全的API,并对输入进行适当的过滤和验证。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值