From 61a2048685f5ffc33237723b21343d5638863cdb Mon Sep 17 00:00:00 2001
From: Boik <qazbnm456@gmail.com>
Date: Wed, 13 Dec 2017 22:45:57 +0900
Subject: [PATCH] more practice labs added

---
 README.md | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 0618f80..9e37ce3 100644
--- a/README.md
+++ b/README.md
@@ -471,6 +471,10 @@ Check out my [repos](https://github.com/qazbnm456) 🐾 or say *hi* on my [Twitt
 * [@hasegawayosuke](https://twitter.com/hasegawayosuke) - Japanese javascript security researcher.
 
 ## Practices
+<a name="practices-application"></a>
+### Application
+
+* [BadLibrary](https://github.com/SecureSkyTechnology/BadLibrary) - vulnerable web application for training - Written by [@SecureSkyTechnology](https://github.com/SecureSkyTechnology).
 
 <a name="practices-aws"></a>
 ### AWS
@@ -480,8 +484,11 @@ Check out my [repos](https://github.com/qazbnm456) 🐾 or say *hi* on my [Twitt
 <a name="practices-xss"></a>
 ### XSS
 
-* [alert(1) to win](https://alf.nu/alert1) - Series of XSS challenges - Written by [@steike](https://twitter.com/steike).
+* [XSS Thousand Knocks](https://knock.xss.moe/index) - XSS Thousand Knocks - Written by [@yagihashoo](https://twitter.com/yagihashoo).
+* [XSS game](https://xss-game.appspot.com/) - Google XSS Challenge - Written by Google.
 * [prompt(1) to win](http://prompt.ml/) - Complex 16-Level XSS Challenge held in summer 2014 (+4 Hidden Levels) - Written by [@cure53](https://github.com/cure53).
+* [alert(1) to win](https://alf.nu/alert1) - Series of XSS challenges - Written by [@steike](https://twitter.com/steike).
+* [XSS Challenges](http://xss-quiz.int21h.jp/) - Series of XSS challenges - Written by yamagata21.
 
 <a name="practices-modsecurity"></a>
 ### ModSecurity / OWASP ModSecurity Core Rule Set