Awesome-Mirrors/awesome-vulnerable
1
0
Fork 0
mirror of https://github.com/kaiiyer/awesome-vulnerable.git synced 2024-10-01 08:25:39 -04:00
Code Issues Packages Projects Releases Wiki Activity
1a6c7b35eb
awesome-vulnerable/README.md
Kai Iyer 1a6c7b35eb
Update README.md
2019-10-01 19:24:44 +05:30

166 lines
8.1 KiB
Markdown
Raw Blame History

# Awesome Vulnerable
[![Awesome](https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg)](https://github.com/sindresorhus/awesome)
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB. This list aims to help starters as well as pros to test out and enhance their penetration skills.
### Vulnerable Web Applications
- [BadStore](http://www.badstore.net/)
- [BodgeIt Store](http://code.google.com/p/bodgeit/)
- [Butterfly Security Project](http://thebutterflytmp.sourceforge.net/)
- [bWAPP ](http://www.mmeit.be/bwapp/)
- [bWAPP](http://sourceforge.net/projects/bwapp/files/bee-box/)
- [Commix ](https://github.com/stasinopoulos/commix-testbed)
- [CryptOMG ](https://github.com/SpiderLabs/CryptOMG)
- [Damn Vulnerable Node Application(DVNA)](https://github.com/quantumfoam/DVNA/)
- [Damn Vulnerable Web App (DVWA) ](http://www.dvwa.co.uk/)
- [Damn Vulnerable Web Services (DVWS) ](http://dvws.professionallyevil.com/)
- [Drunk Admin Web Hacking Challenge ](https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/)
- [Exploit KB Vulnerable Web App ](http://exploit.co.il/projects/vuln-web-app/)
- [Foundstone Hackme Bank ](http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx)
- [Foundstone Hackme Books ](http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx)
- [Foundstone Hackme Casino ](http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx)
- [Foundstone Hackme Shipping ](http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx)
- [Foundstone Hackme Travel ](http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx)
- [GameOver ](http://sourceforge.net/projects/null-gameover/)
- [hackxor ](http://hackxor.sourceforge.net/cgi-bin/index.pl)
- [Hackazon ](https://github.com/rapid7/hackazon)
- [LAMPSecurity](http://sourceforge.net/projects/lampsecurity/)
- [Moth](http://www.bonsai-sec.com/en/research/moth.php)
- [NOWASP / Mutillidae 2](http://sourceforge.net/projects/mutillidae/)
- [OWASP BWA ](http://code.google.com/p/owaspbwa/)
- [OWASP Hackademic ](http://hackademic1.teilar.gr/)
- [OWASP SiteGenerator ](https://www.owasp.org/index.php/Owasp_SiteGenerator)
- [OWASP Bricks ](http://sourceforge.net/projects/owaspbricks/)
- [OWASP Security Shepherd ](https://www.owasp.org/index.php/OWASP_Security_Shepherd)
- [PentesterLab ](https://pentesterlab.com/)
- [PHDays iBank CTF ](http://blog.phdays.com/2012/05/once-again-about-remote-banking.html)
- [SecuriBench ](http://suif.stanford.edu/~livshits/securibench/)
- [SentinelTestbed ](https://github.com/dobin/SentinelTestbed)
- [SocketToMe](http://digi.ninja/projects/sockettome.php)
- [sqli-labs](https://github.com/Audi-1/sqli-labs)
- [MCIR (Magical Code Injection Rainbow)](https://github.com/SpiderLabs/MCIR)
- [sqlilabs](https://github.com/himadriganguly/sqlilabs)
- [VulnApp](http://www.nth-dimension.org.uk/blog.php?id=88)
- [PuzzleMall](http://code.google.com/p/puzzlemall/)
- [WackoPicko](https://github.com/adamdoupe/WackoPicko)
- [WAED](http://www.waed.info)
- [WebGoat.NET](https://github.com/jerryhoff/WebGoat.NET/)
- [WebSecurity Dojo](http://www.mavensecurity.com/web_security_dojo/)
- [XVWA](https://github.com/s4n7h0/xvwa)
- [Zap WAVE](http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip)
### Sites for Downloading Older Versions of Various Software
- [Exploit-DB ](http://www.exploit-db.com/)
- [Old Apps ](http://www.oldapps.com/)
- [Old Version ](http://www.oldversion.com/)
- [VirtualHacking Repo ](sourceforge.net/projects/virtualhacking/files/apps%40realworld/)
### Sites by Vendors of Security Testing Software
- [Acunetix acuforum ](http://testasp.vulnweb.com/)
- [Acunetix acublog ](http://testaspnet.vulnweb.com/)
- [Acunetix acuart ](http://testphp.vulnweb.com/)
- [Cenzic crackmebank ](http://crackme.cenzic.com)
- [HP freebank ](http://zero.webappsecurity.com)
- [IBM altoromutual ](http://demo.testfire.net/)
- [Mavituna testsparker ](http://aspnet.testsparker.com)
- [Mavituna testsparker ](http://php.testsparker.com)
- [NTOSpider Test Site ](http://www.webscantest.com/)
### Sites for Improving Your Hacking Skills
- [Embedded Security CTF ](https://microcorruption.com)
- [EnigmaGroup ](http://www.enigmagroup.org/)
- [Escape ](http://escape.alf.nu/)
- [Google Gruyere ](http://google-gruyere.appspot.com/)
- [Gh0st Lab ](http://www.gh0st.net/)
- [Hack This Site ](http://www.hackthissite.org/)
- [HackThis ](http://www.hackthis.co.uk/)
- [HackQuest ](http://www.hackquest.com/)
- [Hack.me ](https://hack.me)
- [Hacking-Lab ](https://www.hacking-lab.com)
- [Hacker Challenge ](http://www.dareyourmind.net/)
- [Hacker Test ](http://www.hackertest.net/)
- [hACME Game ](http://www.hacmegame.org/)
- [Halls Of Valhalla ](http://halls-of-valhalla.org/beta/challenges)
- [Hax.Tor ](http://hax.tor.hu/)
- [OverTheWire ](http://www.overthewire.org/wargames/)
- [PentestIT ](http://www.pentestit.ru/en/)
- [CSC Play on Demand ](https://pod.cybersecuritychallenge.org.uk/)
- [pwn0 ](https://pwn0.com/home.php)
- [RootContest ](http://rootcontest.com/)
- [Root Me ](http://www.root-me.org/?lang=en)
- [Security Treasure Hunt ](http://www.securitytreasurehunt.com/)
- [Smash The Stack ](http://www.smashthestack.org/)
- [SQLZoo ](http://sqlzoo.net/hack/)
- [TheBlackSheep and Erik ](http://www.bright-shadows.net/)
- [ThisIsLegal ](http://thisislegal.com/)
- [Try2Hack ](http://www.try2hack.nl/)
- [WabLab ](http://www.wablab.com/hackme)
- [XSS: Can You XSS This? ](http://canyouxssthis.com/HTMLSanitizer/)
- [XSS Game ](https://xss-game.appspot.com/)
- [XSS: ProgPHP ](http://xss.progphp.com/)
### Lab
- [binjitsu ](https://github.com/binjitsu/binjitsu)
- [CTFd ](https://github.com/isislab/CTFd)
- [Mellivora ](https://github.com/Nakiami/mellivora)
- [NightShade ](https://github.com/UnrealAkama/NightShade)
- [MCIR ](https://github.com/SpiderLabs/MCIR)
- [Docker ](https://www.docker.com/)
- [Vagrant ](https://www.vagrantup.com/)
- [NETinVM ](http://informatica.uv.es/~carlos/docencia/netinvm/)
- [SmartOS ](https://smartos.org/)
- [SmartDataCenter ](https://github.com/joyent/sdc)
- [vSphere Hypervisor ](https://www.vmware.com/products/vsphere-hypervisor/)
- [GNS3 ](http://sourceforge.net/projects/gns-3/)
- [OCCP ](https://opencyberchallenge.net/)
- [XAMPP ](https://www.apachefriends.org/index.html)
### Mobile Apps
- [Damn Vulnerable Android App (DVAA) ](https://code.google.com/p/dvaa/)
- [Damn Vulnerable FirefoxOS Application (DVFA) ](https://github.com/pwnetrationguru/dvfa/)
- [Damn Vulnerable iOS App (DVIA) ](http://damnvulnerableiosapp.com/)
- [ExploitMe Mobile Android Labs ](http://securitycompass.github.io/AndroidLabs/)
- [ExploitMe Mobile iPhone Labs ](http://securitycompass.github.io/iPhoneLabs/)
- [Hacme Bank Android ](https://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx)
- [InsecureBank ](http://www.paladion.net/downloadapp.html)
- [NcN Wargame ](http://noconname.org/evento/wargame/)
- [OWASP iGoat ](http://code.google.com/p/owasp-igoat/)
- [OWASP Goatdroid ](https://github.com/jackMannino/OWASP-GoatDroid-Project)
Contributions are always welcome !
## How to contribute to this project
### Here are some of the ways to contribute to this project:
Add your name to the CONTRIBUTORS.md file
Add any new useful links to resources with respect to pentesting and vulnerable testintg environments
Make a pull request and wait for it to be merged!
## Getting started
Fork this repository (Click the Fork button in the top right of this page, click your Profile Image)
Clone your fork down to your local machine
git clone https://github.com/your-username/awesome-vulnerable.git
Create a branch
git checkout -b branch-name
Make your changes (choose from any task below)
Commit and push
git add .
git commit -m 'Commit message'
git push origin branch-name
Create a new pull request from your forked repository (Click the New Pull Request button located at the top of your repo)
Wait for your PR review and merge approval!
Star this repository if you had fun!
Thanks a bunch for your contributions !!!
Reference in New Issue View Git Blame Copy Permalink