Vulnerable Web Applications [43 unique web applications] |
| OWASP BWA | http://code.google.com/p/owaspbwa/ |
| OWASP Hackademic | http://hackademic1.teilar.gr/ |
| Butterfly Security Project | http://thebutterflytmp.sourceforge.net/ |
| Foundstone Hackme Bank | http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx |
| Foundstone Hackme Books | http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx |
| Foundstone Hackme Casino | http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx |
| Foundstone Hackme Shipping | http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx |
| Foundstone Hackme Travel | http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx |
| LAMPSecurity | http://sourceforge.net/projects/lampsecurity/ |
| Moth | http://www.bonsai-sec.com/en/research/moth.php |
| WackoPicko | https://github.com/adamdoupe/WackoPicko |
| BadStore | http://www.badstore.net/ |
| WebSecurity Dojo | http://www.mavensecurity.com/web_security_dojo/ |
| BodgeIt Store | http://code.google.com/p/bodgeit/ |
| hackxor | http://hackxor.sourceforge.net/cgi-bin/index.pl |
| SecuriBench | http://suif.stanford.edu/~livshits/securibench/ |
| SQLol | https://github.com/SpiderLabs/SQLol |
| CryptOMG | https://github.com/SpiderLabs/CryptOMG |
| XMLmao | https://github.com/SpiderLabs/XMLmao |
| Exploit KB Vulnerable Web App | http://exploit.co.il/projects/vuln-web-app/ |
| PHDays iBank CTF | http://blog.phdays.com/2012/05/once-again-about-remote-banking.html |
| GameOver | http://sourceforge.net/projects/null-gameover/ |
| Zap WAVE | http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip |
| PuzzleMall | http://code.google.com/p/puzzlemall/ |
Vulnerable Operating System Installations [19+ unique OS setups] |
| Damn Vulnerable Linux | http://sourceforge.net/projects/virtualhacking/files/os/dvl/ |
| Metasploitable v1 | http://www.metasploit.com/learn-more/how-do-i-use-it/test-lab.jsp |
| Metasploitable v2 | https://community.rapid7.com/docs/DOC-1875 |
| LAMPSecurity | http://sourceforge.net/projects/lampsecurity/ |
| UltimateLAMP | http://ronaldbradford.com/tmp/UltimateLAMP-0.2.zip |
| De-ICE, hackerdemia, pWnOS | http://forums.heorot.net/ |
| Holynix | http://pynstrom.net/holynix.php |
| Kioptrix | http://www.kioptrix.com/ |
|
| exploit-exercises - nebula, protostar, fusion | http://exploit-exercises.com/ |
| CentOS | http://www.centos.org/ |
Sites for Downloading Older Versions of Various Software [3 sources] |
| Old Apps | http://www.oldapps.com/ |
| Old Version | http://www.oldversion.com/ |
| Exploit-DB | http://www.exploit-db.com/ |
Sites by Vendors of Security Testing Software [8 unique sites] |
| Acunetix acuforum | http://testasp.vulnweb.com/ |
| Acunetix acublog | http://testaspnet.vulnweb.com/ |
| Acunetix acuart | http://testphp.vulnweb.com/ |
| Cenzic crackmebank | http://crackme.cenzic.com |
| HP freebank | http://zero.webappsecurity.com |
| IBM altoromutual | http://demo.testfire.net/ |
| Mavituna testsparker | http://aspnet.testsparker.com |
| Mavituna testsparker | http://php.testsparker.com |
Sites for Improving Your Hacking Skills [16 unique sites] |
| Google Gruyere | http://google-gruyere.appspot.com/ |
| Hack This Site | http://www.hackthissite.org/ |
| Hacker Challenge | http://www.dareyourmind.net/ |
| HackQuest | http://www.hackquest.com/ |
| Hax.Tor | http://hax.tor.hu/ |
| Hacker Test | http://www.hackertest.net/ |
| OverTheWire | http://www.overthewire.org/wargames/ |
| Root Me | http://www.root-me.org/?lang=en |
| Smash The Stack | http://www.smashthestack.org/ |
| TheBlackSheep and Erik | http://www.bright-shadows.net/ |
| ThisIsLegal | http://thisislegal.com/ |
| Try2Hack | http://www.try2hack.nl/ |
| EnigmaGroup | http://www.enigmagroup.org/ |
| hACME Game | http://www.hacmegame.org/ |
|
| Exploit Exercises | http://exploit-exercises.com/ |
|
| Hacking-Lab | https://www.hacking-lab.com |
|
