Update README.md

This commit is contained in:
Omar Santos 2020-08-13 22:43:22 -04:00 committed by GitHub
parent 759b2a2f01
commit d70c3f63ac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -2,31 +2,50 @@
The following is a collection of vulnerable servers (VMs) or websites that you can use to practice your skills (sorted alphabetically). The following is a collection of vulnerable servers (VMs) or websites that you can use to practice your skills (sorted alphabetically).
- bWAPP : <https://sourceforge.net/projects/bwapp/files/bWAPP> - [bWAPP ](https://sourceforge.net/projects/bwapp/files/bWAPP)
- Damn Vulnerable ARM Router (DVAR): <http://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html> - [CloudGoat](https://github.com/RhinoSecurityLabs/cloudgoat)
- Damn Vulnerable iOS Application (DVIA): <http://damnvulnerableiosapp.com> - [Damn Small Vulnerable Web](https://github.com/stamparm/DSVW)
- Damn Vulnerable Web App (DVWA): <https://github.com/ethicalhack3r/DVWA> - [Damn Vulnerable ARM Router (DVAR)](http://blog.exploitlab.net/2018/01/dvar-damn-vulnerable-arm-router.html)
- DOMXSS: <http://www.domxss.com/domxss/> - [Damn Vulnerable iOS Application (DVIA)](http://damnvulnerableiosapp.com)
- Game of Hacks: <http://www.gameofhacks.com> - [Damn Vulnerable Web App (DVWA)](https://github.com/ethicalhack3r/DVWA)
- Gruyere: <https://google-gruyere.appspot.com> - [Damn Vulnerable Web Services](https://github.com/snoopysecurity/dvws)
- Hack the Box: <https://www.hackthebox.eu/> - [Damn Vulnerable WordPress](https://github.com/vavkamil/dvwp)
- Hack This Site: <https://www.hackthissite.org> - [DOMXSS](http://www.domxss.com/domxss/)
- Hack This: <https://www.hackthis.co.uk> - [Extreme Vulnerable Node Application(XVNA)](https://github.com/vegabird/xvna)
- Hack Yourself first <https://hack-yourself-first.com/> - [Game of Hacks](http://www.gameofhacks.com)
- Hackazon : <https://github.com/rapid7/hackazon> - [Gruyere](https://google-gruyere.appspot.com)
- HellBound Hackers: <https://www.hellboundhackers.org> - [Hack This Site](https://www.hackthissite.org)
- Metasploitable2 : <https://community.rapid7.com/docs/DOC-1875> - [Hack This](https://www.hackthis.co.uk)
- Metasploitable3 : <https://blog.rapid7.com/2016/11/15/test-your-might-with-the-shiny-new-metasploitable3/> - [Hack Yourself first <https://hack-yourself-first.com/)
- Over The Wire Wargames: <http://overthewire.org/wargames> - [Hackazon ](https://github.com/rapid7/hackazon)
- OWASP Juice Shop : https://www.owasp.org/index.php/OWASP_Juice_Shop_Project - [HellBound Hackers](https://www.hellboundhackers.org)
- OWASP Mutillidae II: <https://sourceforge.net/projects/mutillidae> - [Kubernetes Goat](https://github.com/madhuakula/kubernetes-goat)
- Peruggia: <https://sourceforge.net/projects/peruggia> - [Metasploitable2 ](https://community.rapid7.com/docs/DOC-1875)
- RootMe: <https://www.root-me.org> - [Metasploitable3 ](https://blog.rapid7.com/2016/11/15/test-your-might-with-the-shiny-new-metasploitable3/)
- Samurai Web Testing Framework: <http://www.samurai-wtf.org/> - [Over The Wire Wargames](http://overthewire.org/wargames)
- Try2Hack: <http://www.try2hack.nl> - [OWASP Juice Shop ] https://www.owasp.org/index.php/OWASP_Juice_Shop_Project
- Vicnum: <http://vicnum.ciphertechs.com> - [OWASP Mutillidae II](https://sourceforge.net/projects/mutillidae)
- VulnHub:https://www.vulnhub.com - [Peruggia](https://sourceforge.net/projects/peruggia)
- Web Security Dojo: <https://www.mavensecurity.com/resources/web-security-dojo> - [PortSwigger Web Security Academy](https://portswigger.net/web-security)
- WebSploit Labs (created and maintained by Omar Ωr Santos): https://websploit.h4cker.org - [RootMe](https://www.root-me.org)
- WebGoat: <https://github.com/WebGoat/WebGoat> - [Samurai Web Testing Framework](http://www.samurai-wtf.org/)
- PortSwigger Web Security Academy: <https://portswigger.net/web-security> - [Server-Side Request Forgery (SSRF) vulnerable Lab](https://github.com/incredibleindishell/SSRF_Vulnerable_Lab)
- [Snyk exploit-workshop](https://github.com/snyk/exploit-workshop)
- [Try2Hack](http://www.try2hack.nl)
- [Vicnum](http://vicnum.ciphertechs.com)
- [Vulnerable Single Sign-On (SSO)](https://github.com/dogangcr/vulnerable-sso)
- [Web Security Dojo](https://www.mavensecurity.com/resources/web-security-dojo)
- [WebGoat](https://github.com/WebGoat/WebGoat)
- [XXE Lab](https://github.com/jbarone/xxelab)
## WebSploit Labs
- [WebSploit Labs (created and maintained by Omar Ωr Santos)](https://websploit.org)
- [Mayhem - vulnerable container part of WebSploit](https://websploit.org)
- [RTOV-Hackme - vulnerable container part of WebSploit](https://websploit.org)
- [RTV-Safemode - vulnerable container created by Omar Ωr for DEF CON Safemode](https://websploit.org)
## Learning Platforms and VMs
- [VulnHub](https://www.vulnhub.com)
- [Hack the Box](https://www.hackthebox.eu/)
- [TryHackMe](https://tryhackme.com/)
- [eLearn Security](https://www.elearnsecurity.com/)