Pen-testing List of Labs

Vulnerable Web Applications
OWASP BWA http://code.google.com/p/owaspbwa/
OWASP Hackademic http://hackademic1.teilar.gr/
OWASP SiteGenerator https://www.owasp.org/index.php/Owasp_SiteGenerator
OWASP Bricks http://sourceforge.net/projects/owaspbricks/
OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd
Damn Vulnerable Web App (DVWA) http://www.dvwa.co.uk/
Damn Vulnerable Web Services (DVWS) http://dvws.professionallyevil.com/
WebGoat.NET https://github.com/jerryhoff/WebGoat.NET/
PentesterLab https://pentesterlab.com/
Butterfly Security Project http://thebutterflytmp.sourceforge.net/
Foundstone Hackme Bank http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
Foundstone Hackme Books http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
Foundstone Hackme Casino http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
Foundstone Hackme Shipping http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
Foundstone Hackme Travel http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
LAMPSecurity http://sourceforge.net/projects/lampsecurity/
Moth http://www.bonsai-sec.com/en/research/moth.php
WackoPicko https://github.com/adamdoupe/WackoPicko
BadStore http://www.badstore.net/
WebSecurity Dojo http://www.mavensecurity.com/web_security_dojo/
BodgeIt Store http://code.google.com/p/bodgeit/
hackxor http://hackxor.sourceforge.net/cgi-bin/index.pl
SecuriBench http://suif.stanford.edu/~livshits/securibench/
SQLol https://github.com/SpiderLabs/SQLol
CryptOMG https://github.com/SpiderLabs/CryptOMG
XMLmao  https://github.com/SpiderLabs/XMLmao
Exploit KB Vulnerable Web App http://exploit.co.il/projects/vuln-web-app/
PHDays iBank CTF http://blog.phdays.com/2012/05/once-again-about-remote-banking.html
GameOver http://sourceforge.net/projects/null-gameover/
Zap WAVE http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
PuzzleMall http://code.google.com/p/puzzlemall/
VulnApp http://www.nth-dimension.org.uk/blog.php?id=88
sqli-labs https://github.com/Audi-1/sqli-labs
Drunk Admin Web Hacking Challenge https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/
bWAPP http://www.mmeit.be/bwapp/
http://sourceforge.net/projects/bwapp/files/bee-box/
NOWASP / Mutillidae 2  http://sourceforge.net/projects/mutillidae/
SocketToMe http://digi.ninja/projects/sockettome.php
Vulnerable Operating System Installations
Damn Vulnerable Linux http://sourceforge.net/projects/virtualhacking/files/os/dvl/
Metasploitable http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/
LAMPSecurity http://sourceforge.net/projects/lampsecurity/
UltimateLAMP http://www.amanhardikar.com/mindmaps/practice-links.html
heorot: DE-ICE, hackerdemia http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
hackerdemia – http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso
pWnOS http://www.pwnos.com/
Holynix http://sourceforge.net/projects/holynix/files/
Kioptrix http://www.kioptrix.com/blog/
exploit-exercises – nebula, protostar, fusion http://exploit-exercises.com/download
PenTest Laboratory  http://pentestlab.org/lab-in-a-box/
RebootUser Vulnix http://www.rebootuser.com/?page_id=1041
neutronstar http://neutronstar.org/goatselinux.html
scriptjunkie.us  http://www.scriptjunkie.us/2012/04/the-hacker-games/
21LTR http://21ltr.com/scenes/
SecGame # 1: Sauron http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html
Pentester Lab https://www.pentesterlab.com/exercises
Vulnserver http://www.thegreycorner.com/2010/12/introducing-vulnserver.html
TurnKey Linux http://www.turnkeylinux.org/
Bitnami https://bitnami.com/stacks
Elastic Server http://elasticserver.com
CentOS http://www.centos.org/
Sites for Downloading Older Versions of Various Software
Exploit-DB http://www.exploit-db.com/
Old Version http://www.oldversion.com/
Old Apps  http://www.oldapps.com/
VirtualHacking Repo sourceforge.net/projects/virtualhacking/files/apps%40realworld/
Sites by Vendors of Security Testing Software
Acunetix acuforum http://testasp.vulnweb.com/
Acunetix acublog http://testaspnet.vulnweb.com/
Acunetix acuart http://testphp.vulnweb.com/
Cenzic crackmebank http://crackme.cenzic.com
HP freebank http://zero.webappsecurity.com
IBM altoromutual http://demo.testfire.net/
Mavituna testsparker http://aspnet.testsparker.com
Mavituna testsparker http://php.testsparker.com
NTOSpider Test Site http://www.webscantest.com/
Sites for Improving Your Hacking Skills
EnigmaGroup http://www.enigmagroup.org/
Exploit Exercises http://exploit-exercises.com/
Google Gruyere http://google-gruyere.appspot.com/
Gh0st Lab http://www.gh0st.net/
Hack A Server  https://hackaserver.com/
Hack This Site  http://www.hackthissite.org/
HackThis  http://www.hackthis.co.uk/
HackQuest http://www.hackquest.com/
Hack.me https://hack.me
Hacking-Lab https://www.hacking-lab.com
Hacker Challenge http://www.dareyourmind.net/
Hacker Test http://www.hackertest.net/
hACME Game http://www.hacmegame.org/
Hax.Tor http://hax.tor.hu/
OverTheWire http://www.overthewire.org/wargames/
PentestIT  http://www.pentestit.ru/en/
p0wnlabs  http://p0wnlabs.com/
pwn0 https://pwn0.com/home.php
RootContest http://rootcontest.com/
Root Me http://www.root-me.org/?lang=en
Security Treasure Hunt http://www.securitytreasurehunt.com/
Smash The Stack http://www.smashthestack.org/
TheBlackSheep and Erik  http://www.bright-shadows.net/
ThisIsLegal http://thisislegal.com/
Try2Hack http://www.try2hack.nl/
WabLab http://www.wablab.com/hackme
XSS: Can You XSS This? http://canyouxssthis.com/HTMLSanitizer/
XSS: ProgPHP http://xss.progphp.com/
CTF Sites / Archives
CTFtime (Details of CTF Challenges) http://ctftime.org/ctfs/
shell-storm Repo http://shell-storm.org/repo/CTF/
CAPTF Repo http://captf.com/
VulnHub https://www.vulnhub.com
CTF365 http://ctf365.com/
Hacker Cons http://hackercons.org/
Hat Force https://www.hatforce.com/
Intense School http://www.intenseschool.com/resources/
SECore https://secore.info/
Mobile Apps
ExploitMe Mobile Android Labs http://securitycompass.github.io/AndroidLabs/
ExploitMe Mobile iPhone Labs http://securitycompass.github.io/iPhoneLabs/
OWASP iGoat  http://code.google.com/p/owasp-igoat/
OWASP Goatdroid https://github.com/jackMannino/OWASP-GoatDroid-Project
Damn Vulnerable iOS App (DVIA) http://damnvulnerableiosapp.com/
Damn Vulnerable Android App (DVAA) https://code.google.com/p/dvaa/
Damn Vulnerable FirefoxOS Application (DVFA) https://github.com/pwnetrationguru/dvfa/
NcN Wargame http://noconname.org/evento/wargame/
Hacme Bank Android http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx
InsecureBank http://www.paladion.net/downloadapp.html
Miscellaneous
VulnVPN http://www.rebootuser.com/?page_id=1041
VulnVoIP http://www.rebootuser.com/?page_id=1041
NETinVM http://informatica.uv.es/~carlos/docencia/netinvm/
GNS3 http://sourceforge.net/projects/gns-3/
XAMPP https://www.apachefriends.org/index.html

Thank you (zer0w0rm)

Published By : Zer0w0rm ~ Zer0w0rm

 

5 comments:

  1. I'm using Kaspersky security for many years now, I'd recommend this solution to all of you.

    ReplyDelete
  2. I specialize in hacking GSM cell phones and get them unlock then bring you results under 24 hours and also my services are cheap and affordable.

    I hope to do business with you soon.

    Contact Information

    E-Mail: cyberfiles.hacker@gmail.com

    my services are the best on this: Unlock iCloud iPhones, Android Fingerprint Unlock?, iPhones Fingerprint Unlock, Android Pattern Unlock...Etc and 100% security and discreet work is guaranteed.,...

    ReplyDelete
  3. I am very happy with the customer service from this company. I received the PSN gift card through email with absolutely no problems. Definitely going to keep using MyGiftCardSupply!
    and thanks to onlinehacker4hire @gmail. com who helped me when i had issues gaining access.
    Rocky J. / Canada
    whatsapp: +1 347 619 1304  

    ReplyDelete
  4. Talking about sites, I lost $7,000 to a bitcoin site just by signing up with my mail.. they hacked into my mail and did all sorts of scams including trying to get away with my hard earned unemployment benefit money which i have been saving from several months back.

    thanks to:
    termitehacking at protonmail dot com

    he brought down the site and helped recover my lost funds, though i had to forfeit that mail.

    ReplyDelete
  5. Casino Games - jtmhub.com
    Casino Games - Free Slot Online Games at JTGHub. 안양 출장안마 Casino Games – Free Slot Online 전라북도 출장샵 Games at JTGHub. Play Casino Games at 밀양 출장마사지 JTGHub. Free Slot Online Games at 아산 출장샵 JTGHub. 안산 출장안마 JTG

    ReplyDelete