From 47b058b847f310068df7352f4cf84175fb82c2ba Mon Sep 17 00:00:00 2001
From: Kai Iyer <24914913+kaiiyer@users.noreply.github.com>
Date: Wed, 16 Dec 2020 15:07:16 +0530
Subject: [PATCH] Update README.md (#28)

---
 README.md | 85 +++++++++++++++++++++++++++++++------------------------
 1 file changed, 48 insertions(+), 37 deletions(-)

diff --git a/README.md b/README.md
index 3b2aa7b..cabcc8b 100644
--- a/README.md
+++ b/README.md
@@ -47,34 +47,34 @@ Damn Vulnerable Web Services is an insecure web application with multiple vulner
 - [LAMPSecurity](http://sourceforge.net/projects/lampsecurity/) - LAMPSecurity training is designed to be a series of vulnerable virtual machine images along with complementary documentation designed to teach linux,apache,php,mysql security.
 - [OWASP Mantra](https://sourceforge.net/projects/getmantra/) - Free and Open Source Browser based Security Framework, is a collection of free and open source tools integrated into a web browser, which can become handy for penetration testers, web application developers, security professionals etc.
 - [NOWASP / Mutillidae 2](https://github.com/webpwnized/mutillidae) - OWASP Mutillidae II is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiast. 
-- [OWASP BWA 	](http://code.google.com/p/owaspbwa/) - A collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost VMware Player and VMware vSphere Hypervisor (ESXi) products (along with their older and commercial products).
-- [OWASP Hackademic 	](https://github.com/Hackademic/hackademic/) - Project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment.
-- [OWASP SiteGenerator 	](https://www.owasp.org/index.php/Owasp_SiteGenerator) - OWASP SiteGenerator allows the creating of dynamic websites based on XML files and predefined vulnerabilities (some simple, some complex) covering .Net languages and web development architectures (for example, navigation: Html, Javascript, Flash, Java, etc). 
-- [OWASP Bricks 	](https://sourceforge.net/projects/owaspbricks/) -  Web application security learning platform built on PHP and MySQL 
+- [OWASP BWA ](http://code.google.com/p/owaspbwa/) - A collection of vulnerable web applications that is distributed on a Virtual Machine in VMware format compatible with their no-cost VMware Player and VMware vSphere Hypervisor (ESXi) products (along with their older and commercial products).
+- [OWASP Hackademic ](https://github.com/Hackademic/hackademic/) - Project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment.
+- [OWASP SiteGenerator ](https://www.owasp.org/index.php/Owasp_SiteGenerator) - OWASP SiteGenerator allows the creating of dynamic websites based on XML files and predefined vulnerabilities (some simple, some complex) covering .Net languages and web development architectures (for example, navigation: Html, Javascript, Flash, Java, etc). 
+- [OWASP Bricks ](https://sourceforge.net/projects/owaspbricks/) -  Web application security learning platform built on PHP and MySQL 
 - [OWASP Security Shepherd 	](https://www.owasp.org/index.php/OWASP_Security_Shepherd) - OWASP Security Shepherd is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic
-- [PentesterLab 	](https://pentesterlab.com/) - We make learning web hacking easier!
+- [PentesterLab ](https://pentesterlab.com/) - We make learning web hacking easier!
 - [SecuriBench 	](https://suif.stanford.edu/~livshits/securibench/) - Stanford SecuriBench is a set of open source real-life programs to be used as a testing ground for static and dynamic security tools. Release .91a focuses on Web-based applications written in Java. 
 - [SentinelTestbed 	](https://github.com/dobin/SentinelTestbed) - Vulnerable web site. Used to test sentinel features.
-- [SocketToMe](http://digi.ninja/projects/sockettome.php) - It combines chat, a simple number guessing game and a few other hidden features. 
-- [sqli-labs](https://github.com/Audi-1/sqli-labs) - SQLI labs to test error based, Blind boolean based, Time based. 
-- [MCIR (Magical Code Injection Rainbow)](https://github.com/SpiderLabs/MCIR) - The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds. 
-- [sqlilabs](https://github.com/himadriganguly/sqlilabs) - Lab set-up for learning SQL Injection Techniques 
+- [SocketToMe](http://digi.ninja/projects/sockettome.php) - It combines chat, a simple number guessing game and a few other hidden features
+- [sqli-labs](https://github.com/Audi-1/sqli-labs) - SQLI labs to test error based, Blind boolean based, Time based.
+- [MCIR (Magical Code Injection Rainbow)](https://github.com/SpiderLabs/MCIR) - The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds
+- [Sqlilabs](https://github.com/himadriganguly/sqlilabs) - Lab set-up for learning SQL Injection Techniques 
 - [VulnApp](https://www.nth-dimension.org.uk/blog.php?id=88) - ASP.net application implementing some of the most common applications we come across on our penetration testing engagements
 - [PuzzleMall](https://code.google.com/p/puzzlemall/) - A vulnerable web application for practicing session puzzling
-- [WackoPicko](https://github.com/adamdoupe/WackoPicko) -  WackoPicko is a vulnerable web application used to test web application vulnerability scanners. 
+- [WackoPicko](https://github.com/adamdoupe/WackoPicko) -  WackoPicko is a vulnerable web application used to test web application vulnerability scanners
 - [WebGoat.NET](https://github.com/jerryhoff/WebGoat.NET/) - This web application is a learning platform that attempts to teach about common web security flaws. It contains generic security flaws that apply to most web applications
 - [WebSecurity Dojo](https://www.mavensecurity.com/web_security_dojo/) - A free open-source self-contained training environment for Web Application Security penetration testing. Tools + Targets = Dojo
 - [XVWA](https://github.com/s4n7h0/xvwa) - XVWA is a badly coded web application written in PHP/MySQL that helps security enthusiasts to learn application security.
 - [Zap WAVE](https://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip) - An easy to use integrated penetration testing tool for finding vulnerabilities in web applications
-- [Web-Security Academy](https://portswigger.net/web-security) - A free platform for learining and testing your Web Application security skills with practice labs and learning materials by Portswigger.
-- [OWASP Juice Shop](https://juice-shop.herokuapp.com/) - An Open Source platform for testing Web-Application Security skills. The application contains a vast number of hacking challenges of varying difficulty level.
+- [Web-Security Academy](https://portswigger.net/web-security) - A free platform for learining and testing your Web Application security skills with practice labs and learning materials by Portswigger
+- [OWASP Juice Shop](https://juice-shop.herokuapp.com/) - An Open Source platform for testing Web-Application Security skills. The application contains a vast number of hacking challenges of varying difficulty level
 
 ### Sites for Downloading Older Versions of Various Software
-- [Exploit-DB 	](http://www.exploit-db.com/) - The Exploit Database is maintained by Offensive Security, an information security training company that provides various Information Security Certifications as well as high end penetration testing services.
-- [Old Apps 	](http://www.oldapps.com/) - Provide our users with a wide assortment of current versions of familiar software, and their predecessors for free.
+- [Exploit-DB 	](http://www.exploit-db.com/) - The Exploit Database is maintained by Offensive Security, an information security training company that provides various Information Security Certifications as well as high end penetration testing services
+- [Old Apps 	](http://www.oldapps.com/) - Provide our users with a wide assortment of current versions of familiar software, and their predecessors for free
 - [Old Version 	](http://www.oldversion.com/) - Pick a software title... to downgrade to the version you love!
 - [VirtualHacking Repo 	 ](https://sourceforge.net/projects/virtualhacking/files/apps@realworld/) - Virtual Hacking Lab
-- [All Version](http://www.PortableApps.com/) - PortableApps is the world's most popular portable software solution allowing you to take your favorite software with you.
+- [All Version](http://www.PortableApps.com/) - PortableApps is the world's most popular portable software solution allowing you to take your favorite software with you
 
 ## Sites by Vendors of Security Testing Software
 - [Acunetix acuforum 	](https://testasp.vulnweb.com/) - A forum deliberately vulnerable to SQL Injections, directory traversal, and other web-based attacks
@@ -84,11 +84,11 @@ Damn Vulnerable Web Services is an insecure web application with multiple vulner
 - [HP freebank 	](http://zero.webappsecurity.com) - The Free Online Bank Web site is published by Micro Focus Fortify for the sole purpose of demonstrating the functionality and effectiveness of Micro Focus Fortify’s WebInspect products in detecting and reporting Web application vulnerabilities.
 - [IBM altoromutual 	](http://demo.testfire.net/) - The AltoroJ website is published by IBM Corporation for the sole purpose of demonstrating the effectiveness of IBM products in detecting web application vulnerabilities and website defects
 - [Mavituna testsparker 	](http://aspnet.testsparker.com) -  This is a test and demonstration site for Netsparker
-- [Mavituna testsparker 	](http://php.testsparker.com) - This is a test and demonstration site for Netsparker , Next Generation Web Application Security Scanner. Start Netsparker to scan this web site and let it find the vulnerabilities. 
+- [Mavituna testsparker 	](http://php.testsparker.com) - This is a test and demonstration site for Netsparker , Next Generation Web Application Security Scanner. Start Netsparker to scan this web site and let it find the vulnerabilities
 - [NTOSpider Test Site 	](http://www.webscantest.com/) - This site is setup to test automated Web Application scanners like AppSpider
 
 ## Sites for Improving Your Hacking Skills
-- [Embedded Security CTF 	](https://microcorruption.com) - Scattered throughout the world in locked warehouses are briefcases filled with Cy Yombinator bearer bonds that could be worth billions comma billions of dollars. You will help steal the briefcases
+- [Embedded Security CTF ](https://microcorruption.com) - Scattered throughout the world in locked warehouses are briefcases filled with Cy Yombinator bearer bonds that could be worth billions comma billions of dollars. You will help steal the briefcases
 - [EnigmaGroup 	](http://www.enigmagroup.org/) -  Enigma Group has been providing its members a legal and safe security resource where they can develop their pen-testing skills on various challenges provided by this site
 - [Escape 	](http://escape.alf.nu/) - The code generates HTML in an unsafe way. Prove it by calling alert(1)
 - [Google Gruyere ](http://google-gruyere.appspot.com/) - This codelab shows how web application vulnerabilities can be exploited and how to defend against these attacks
@@ -97,44 +97,55 @@ Damn Vulnerable Web Services is an insecure web application with multiple vulner
 - <b>[Hack The Box](https://www.hackthebox.eu)</b> - An online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with thousands of people in the security field
 - <b>[TryHackMe](https://tryhackme.com/)</b> - Cyber Security training made easy. A comfortable experience to learn by designing prebuilt courses which include virtual machines (VM) hosted in the cloud ready to be deployed
 - [Hack This Site 	](http://www.hackthissite.org/) - Hack This Site is a free, safe and legal training ground for hackers to test and expand their hacking skills
-- [HackThis 	](http://www.hackthis.co.uk/) - Defend the Web is an Interactive Cyber Security Platform
-- [HackQuest 	](http://www.hackquest.com/) - Anonymous Webhosting, Virtual Servers, Secure Email
+- [HackThis ](http://www.hackthis.co.uk/) - Defend the Web is an Interactive Cyber Security Platform
+- [HackQuest ](http://www.hackquest.com/) - Anonymous Webhosting, Virtual Servers, Secure Email
 - [Hack.me 	](https://hack.me) - Hacking-Lab is a service by Security Competence GmbH, a Swiss subsidiary of Compass Security AG.
 Compass Security is a well renowned European company specializing in penetration testing, incident response, digital forensics, and security trainings
 - [Hacking-Lab 	](https://www.hacking-lab.com) - Hack.me is a FREE, community based project powered by eLearnSecurity. The community can build, host and share vulnerable web application code for educational and research purposes
 - [Hacker Test 	](http://www.hackertest.net/) - HackerTest.net is your own online hacker simulation. This new real-life imitation will help you advance your security knowledge of JavaScript, PHP, HTML and graphic thinking
 - [Halls Of Valhalla 	](http://halls-of-valhalla.org/beta/challenges) - Valhalla is a place for sharing knowledge and ideas. Users can submit code, as well as science, technology, and engineering-oriented news and articles
 - [Hax.Tor 	](http://hax.tor.hu/) - HaX.ToR.Hu is a challenge site putting emphasis on teaching basic security related issues in a fun way
-- [Metasploit Unleashed     ](https://www.offensive-security.com/metasploit-unleashed/) - The Metasploit Unleashed (MSFU) course is provided free of charge by Offensive Security in order to raise awareness for underprivileged children in East Africa.
+- [Metasploit Unleashed     ](https://www.offensive-security.com/metasploit-unleashed/) - The Metasploit Unleashed (MSFU) course is provided free of charge by Offensive Security in order to raise awareness for underprivileged children in East Africa
 - [OverTheWire 	](http://www.overthewire.org/wargames/) - The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games
-- [PentestIT 	](https://lab.pentestit.ru/) - Penetration testing laboratories "Test lab" emulate an IT infrastructure of real companies and are created for a legal pen testing and improving penetration testing skills.
-- <b>[CSC Play on Demand 	](https://pod.cybersecuritychallenge.org.uk/)</b> - The aim of this challenge is to identify the means by which an insider may accidentally or maliciously leak organisational secrets via seemingly innocent files.
+- [PentestIT 	](https://lab.pentestit.ru/) - Penetration testing laboratories "Test lab" emulate an IT infrastructure of real companies and are created for a legal pen testing and improving penetration testing skills
+- <b>[CSC Play on Demand ](https://pod.cybersecuritychallenge.org.uk/)</b> - The aim of this challenge is to identify the means by which an insider may accidentally or maliciously leak organisational secrets via seemingly innocent files
 - [Root Me 	](http://www.root-me.org/?lang=en) - The fast, easy, and affordable way to train your hacking skills
-- [Security Treasure Hunt 	](http://www.securitytreasurehunt.com/) - A new Packet Capture-based Web Vulnerability Analysis challenge is available through April 30th, 2013, sponsored by Cyber Aces
+- [Security Treasure Hunt ](http://www.securitytreasurehunt.com/) - A new Packet Capture-based Web Vulnerability Analysis challenge is available through April 30th, 2013, sponsored by Cyber Aces
 - [Smash The Stack 	](http://www.smashthestack.org/) - Wargaming Network
-- [SQLZoo 	](http://sqlzoo.net/hack/) - Exploiting an SQL Inject attack involves solving a puzzle that is a cross between Hangman and 20 Questions. It needs a little understanding of SQL and a great deal of cunning
-- [TheBlackSheep and Erik 	](http://www.bright-shadows.net/) - Offers you hundreds of challenges in the fields of programming, JavaScript, PHP, Java, steganography, cryptography and others
-- [ThisIsLegal 	](http://thisislegal.com/) - A hacker wargames site with much more such as forums and tutorials.
-- [Try2Hack 	](http://www.try2hack.nl/) - This site provides several security-oriented challenges for your entertainment. It is actually one of the oldest challenge sites still around
+- [SQLZoo](http://sqlzoo.net/hack/) - Exploiting an SQL Inject attack involves solving a puzzle that is a cross between Hangman and 20 Questions. It needs a little understanding of SQL and a great deal of cunning
+- [TheBlackSheep and Erik ](http://www.bright-shadows.net/) - Offers you hundreds of challenges in the fields of programming, JavaScript, PHP, Java, steganography, cryptography and others
+- [ThisIsLegal 	](http://thisislegal.com/) - A hacker wargames site with much more such as forums and tutorials
+- [Try2Hack ](http://www.try2hack.nl/) - This site provides several security-oriented challenges for your entertainment. It is actually one of the oldest challenge sites still around
 - [VulnHub	](https://vulnhub.com/) - A collection of vulnerable hosts and associated challenges to gain 'hands-on' experience in cyber security.
-- [XSS: Can You XSS This? 	](http://canyouxssthis.com/HTMLSanitizer/) - Use HTMLSanitizer to protect your Web Apps
-- [XSS Game 	](https://xss-game.appspot.com/) - Learn to find and exploit XSS bugs
-- [XSS: ProgPHP 	](http://xss.progphp.com/) - Next-Gen Domain Registration. Progphp.com is coming soon !
+- [XSS: Can You XSS This? ](http://canyouxssthis.com/HTMLSanitizer/) - Use HTMLSanitizer to protect your Web Apps
+- [XSS Game ](https://xss-game.appspot.com/) - Learn to find and exploit XSS bugs
+- [XSS: ProgPHP ](http://xss.progphp.com/) - Next-Gen Domain Registration. Progphp.com is coming soon!
+- [Pwnable.tw](http://pwnable.tw/) - A newer set of high quality pwnable challenges)
+- [Pwnable.kr](http://pwnable.kr/) - One of the more popular recent wargamming sets of challenges
+- [PicoCTF](https://picoctf.com/) - Designed for high school students while the event is usually new every year, it's left online and has a great difficulty progression
+- [CTF Learn](http://ctflearn.com/) - A new CTF based learning platform with user-contributed challenges
+- [Reversing.kr](http://reversing.kr/) - This site tests your ability to Cracking & Reverse Code Engineering
+- [w3challs](https://w3challs.com/) - Our challenges address several subsets of hacking, mostly oriented on the offensive. A multitude of technologies and architectures are waiting for you. Show us your mad skillz and pop some shells (or calcs)!
+- [RingZer0 Team](https://ringzer0team.com/) -  RingZer0 Team's online CTF offers you tons of challenges designed to test and improve your hacking skills through hacking challenges.
+- [HellBound Hackers](http://www.hellboundhackers.org/) -The hands-on approach to computer security and simulated security challenges
+- [Komodo Consulting](http://ctf.komodosec.com) -  Application Security Challenge designed to challenge your application hacking skills
+- [Maxkersten Binary Analysis](https://maxkersten.nl/binary-analysis-course/) - A practical binary analysis course
+- [PwnAdventure](https://pwnadventure.com) - Pwnie Island is a limited-release, first-person, true open-world MMORPG set on a beautiful island where anything could happen. That's because this game is intentionally vulnerable to all kinds of silly hacks! Flying, endless cash, and more are all one client change or network proxy away
 
 ### Labs
-- [CTFd 	](https://github.com/isislab/CTFd) - CTFs as you need them
-- [Mellivora 	](https://github.com/Nakiami/mellivora) - Mellivora is a CTF engine written in PHP 
+- [CTFd ](https://github.com/isislab/CTFd) - CTFs as you need them
+- [Mellivora ](https://github.com/Nakiami/mellivora) - Mellivora is a CTF engine written in PHP 
 - [Metasploitable2  ](https://sourceforge.net/projects/metasploitable/files/Metasploitable2/) - Metasploitable is an intentionally vulnerable Linux virtual machine 
-- [NightShade 	](https://github.com/UnrealAkama/NightShade) - A simple capture the flag framework. 
-- [MCIR 	](https://github.com/SpiderLabs/MCIR) - The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds. 
+- [NightShade ](https://github.com/UnrealAkama/NightShade) - A simple capture the flag framework. 
+- [MCIR ](https://github.com/SpiderLabs/MCIR) - The Magical Code Injection Rainbow! MCIR is a framework for building configurable vulnerability testbeds. MCIR is also a collection of configurable vulnerability testbeds. 
 - [Vagrant 	](https://www.vagrantup.com/) - Development Environments Made Easy
 - [NETinVM 	](https://informatica.uv.es/~carlos/docencia/netinvm/) - A tool for teaching and learning about systems, networks and security
 - [SmartOS 	](https://smartos.org/) - SmartOS is a free and open-source SVR4 hypervisor based on the UNIX operating system that combines OpenSolaris technology with Linux's KVM virtualization.
 - [SmartDataCenter 	](https://github.com/joyent/sdc) - Joyent Triton DataCenter: a cloud management platform with first class support for containers. 
 - [vSphere Hypervisor 	](https://www.vmware.com/products/vsphere-hypervisor/) - vSphere Hypervisor is a bare-metal hypervisor that virtualizes servers; allowing you to consolidate your applications while saving time and money managing your IT infrastructure. 
-- [GNS3 	](http://sourceforge.net/projects/gns-3/) - Build, Design and Test your network in a risk-free virtual environment and access the largest networking community to help.
-- [OCCP 	](https://opencyberchallenge.net/) - A free, configurable, open-source virtualization platform for cyber security educators and challenge event coordinators.
-- [XAMPP 	](https://www.apachefriends.org/index.html) - XAMPP is a completely free, easy to install Apache distribution containing MariaDB, PHP, and Perl. The XAMPP open source package has been set up to be incredibly easy to install and to use.
+- [GNS3 ](http://sourceforge.net/projects/gns-3/) - Build, Design and Test your network in a risk-free virtual environment and access the largest networking community to help.
+- [OCCP ](https://opencyberchallenge.net/) - A free, configurable, open-source virtualization platform for cyber security educators and challenge event coordinators.
+- [XAMPP ](https://www.apachefriends.org/index.html) - XAMPP is a completely free, easy to install Apache distribution containing MariaDB, PHP, and Perl. The XAMPP open source package has been set up to be incredibly easy to install and to use.
 - [Kubernetes Goat](https://github.com/madhuakula/kubernetes-goat) - The Kubernetes Goat designed to be intentionally vulnerable cluster environment to learn and practice Kubernetes security.
 - [Offensive Security](https://www.offensive-security.com/labs/individual/) - Practice your pentesting skills in a standalone, private lab --environment with the additions of PG Play and PG Practice to Offensive Security’s Proving Grounds training labs.
 - [Game of Hacks](http://www.gameofhacks.com/) - Alright, this one isn’t exactly a vulnerable web app – but it’s another engaging way of learning to spot application security vulnerabilities, so we thought we’d throw it in