Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

awesome-cyber-skills

A curated list of hacking environments where you can train your cyber skills legally and safely
https://github.com/joe-shenouda/awesome-cyber-skills

foleranser
LinkedIn - consult.org)
Joe Shenouda - _"Our work is no longer to secure computers alone, it's now about securing society."_
https://github.com/joe-shenouda/
![Donate with PayPal
Altoro Mutual
Arizona Cyber Warfare Range
AzureGoat
BodgeIt Store
bWAPP
Cyber Degrees
Commix testbed
CryptOMG
Cyber Security Base - Secure.|
Cybersecuritychallenge UK
CyberTraining 365
Cybrary.it
Damn Small Vulnerable Web
Damn Vulnerable Android App
Damn Vulnerable Hybrid Mobile App
Damn Vulnerable iOS App
Damn Vulnerable Linux - configured, outdated, and exploitable software that makes it vulnerable to attacks.|
Damn Vulnerable Router Firmware - world environment to help people learn about other CPU architectures outside of the x86_64 space. This project will also help people get into discovering new things about hardware.|
Damn Vulnerable Stateful Web App
Damn Vulnerable Thick Client App
Damn Vulnerable Web App
Damn Vulnerable Web Services - world web service vulnerabilities.|
Damn Vulnerable Web Sockets - server communication.|
Damnvulnerable.me - day app with lots of DOM-related bugs.|
Dareyourmind
DIVA Android
ENISA Training Material - on training sessions.|
exploit.co.il Vulnerable Web App
Exploit-exercises.com - exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues.|
ExploitMe Mobile
Game of Hacks
GameOver
Gh0stlab - minded individuals could work together towards the common goal of knowledge.|
GOAD (Game Of Active Directory)
GoatseLinux
Google Gruyere - site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF). Also, you can find labs how to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.|
Gracefully Vulnerable Virtual Machine
Hack The Box - level challenge.|
Hack This Site
Hack Yourself First
Hack.me
Hackademic
Hackazon
Hackertest.net
Hacking-Lab - Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents. Furthermore, Hacking-Lab is providing the CTF and mission style challenges for the European Cyber Security Challenge with Austria, Germany, Switzerland, UK, Spain, Romania and provides free OWASP TOP 10 online security labs.|
Hacksplaining
HackSys Extreme Vulnerable Driver
HackThis!!
Hackxor
Halls of Valhalla - oriented news and articles.|
Hax.Tor
Hellbound Hackers - on approach to computer security. Learn how hackers break in, and how to keep them out.|
Holynix
HSCTF3
Information Assurance Support Environment (IASE)
Java Vulnerable Lab
Juice Shop
LAMPSecurity Training
Magical Code Injection Rainbow
Metasploit Unleashed
Metasploitable 3
Microcorruption CTF
Morning Catch - side attacks and post-exploitation.|
Mutillidae - security enthusiast.|
MysteryTwister C3
National Institutes of Health (NIH)
OpenSecurityTraining.info
Overthewire - filled games.|
OWASP Broken Web Applications Project
OWASP GoatDroid - contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users.|
OWASP iGoat
OWASP Mutillidae II - application providing a target for web-security enthusiast.|
OWASP Security Shepherd
OWASP SiteGenerator
Pentesterlab
Pentestit.ru
Peruggia
PicoCTF
Professor Messer
Puzzlemall - A vulnerable web application for practicing session puzzling.|
Pwnable.kr - commercial wargame site which provides various pwn challenges regarding system exploitation. while playing pwnable.kr, you could learn/improve system hacking skills but that shouldn't be your only purpose.|
Pwnos
Reversing.kr
Ringzero
Root Me
Roppers Academy Training
RPISEC/MBE
RPISEC/Malware
SANS Cyber Aces
Scene One
SEED Labs
SentinelTestbed
SG6 SecGame
SlaveHack
SlaveHack 2 *BETA*
Smashthestack
SocketToMe
SQLI labs
Sqlilabs - up for learning SQL Injection Techniques.|
SQLzoo - by-step.|
Stanford SecuriBench / Securibench Micro
The ButterFly - Security Project
ThisIsLegal
Try2Hack - oriented challenges for your entertainment. The challenges are diverse and get progressively harder.|
TryHackMe - on virtual labs. Whether you are an expert or beginner, learn through a virtual room structure to understand theoretical and practical security elements.|
UltimateLAMP
Vicnum - site scripting, SQL injections, and session management issues.|
Vulnerable Node
Vulnhub - created solutions.|
Vulnix
Vulnserver - based threaded TCP server application that is designed to be exploited.|
W3Challs
WackoPicko
Web Attack and Exploitation Distro - configured with various real-world vulnerable web applications in a sandboxed environment. It includes pen testing tools as well.|
Web Security Dojo - alone training environment for Web Application Security.|
WebGoat
Wechall - related problems. You will find Cryptographic, Crackit, Steganography, Programming, Logic and Math/Science. The difficulty of these challenges varies as well.|
XSS-game
XVWA

Programming Languages

PHP 11 Java 5 HTML 4 JavaScript 4 Python 2 TypeScript 1 C 1 C# 1

Keywords

vulnerability 3 php 3 mysql 2 owasp 2 application-security 2 ctf 2 common-vulnerabilities 1 analyzer 1 sql-injection 1 restore-database 1 learning-sql-injection 1 wargame 1 exploitation 1 websockets 1 vulnerabilities 1 ratchet 1 vulnerable-application 1 cordova 1 android 1 vulnerable 1 vulnapp 1 security 1 pentesting 1 owasp-top-ten 1 owasp-top-10 1 javascript 1 hacking 1 appsec 1 24pullrequests 1 xvwa 1 learning-appsec 1 knowledge 1 whitebox 1 security-analyzers 1 nodejs 1 identified-vulnerabilities 1