Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-cyber-skills
A curated list of hacking environments where you can train your cyber skills legally and safely
https://github.com/joe-shenouda/awesome-cyber-skills
- foleranser
- LinkedIn - consult.org)
- Joe Shenouda - _"Our work is no longer to secure computers alone, it's now about securing society."_
- https://github.com/joe-shenouda/
- ![Donate with PayPal
- Altoro Mutual
- Arizona Cyber Warfare Range
- AzureGoat
- BodgeIt Store
- bWAPP
- Cyber Degrees
- Commix testbed
- CryptOMG
- Cyber Security Base - Secure.|
- Cybersecuritychallenge UK
- CyberTraining 365
- Cybrary.it
- Damn Small Vulnerable Web
- Damn Vulnerable Android App
- Damn Vulnerable Hybrid Mobile App
- Damn Vulnerable iOS App
- Damn Vulnerable Linux - configured, outdated, and exploitable software that makes it vulnerable to attacks.|
- Damn Vulnerable Router Firmware - world environment to help people learn about other CPU architectures outside of the x86_64 space. This project will also help people get into discovering new things about hardware.|
- Damn Vulnerable Stateful Web App
- Damn Vulnerable Thick Client App
- Damn Vulnerable Web App
- Damn Vulnerable Web Services - world web service vulnerabilities.|
- Damn Vulnerable Web Sockets - server communication.|
- Damnvulnerable.me - day app with lots of DOM-related bugs.|
- Dareyourmind
- DIVA Android
- ENISA Training Material - on training sessions.|
- exploit.co.il Vulnerable Web App
- Exploit-exercises.com - exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues.|
- ExploitMe Mobile
- Game of Hacks
- GameOver
- Gh0stlab - minded individuals could work together towards the common goal of knowledge.|
- GOAD (Game Of Active Directory)
- GoatseLinux
- Google Gruyere - site scripting vulnerabilities (XSS) and cross-site request forgery (XSRF). Also, you can find labs how to find, fix, and avoid these common vulnerabilities and other bugs that have a security impact, such as denial-of-service, information disclosure, or remote code execution.|
- Gracefully Vulnerable Virtual Machine
- Hack The Box - level challenge.|
- Hack This Site
- Hack Yourself First
- Hack.me
- Hackademic
- Hackazon
- Hackertest.net
- Hacking-Lab - Lab is an online ethical hacking, computer network and security challenge platform, dedicated to finding and educating cyber security talents. Furthermore, Hacking-Lab is providing the CTF and mission style challenges for the European Cyber Security Challenge with Austria, Germany, Switzerland, UK, Spain, Romania and provides free OWASP TOP 10 online security labs.|
- Hacksplaining
- HackSys Extreme Vulnerable Driver
- HackThis!!
- Hackxor
- Halls of Valhalla - oriented news and articles.|
- Hax.Tor
- Hellbound Hackers - on approach to computer security. Learn how hackers break in, and how to keep them out.|
- Holynix
- HSCTF3
- Information Assurance Support Environment (IASE)
- Java Vulnerable Lab
- Juice Shop
- LAMPSecurity Training
- Magical Code Injection Rainbow
- Metasploit Unleashed
- Metasploitable 3
- Microcorruption CTF
- Morning Catch - side attacks and post-exploitation.|
- Mutillidae - security enthusiast.|
- MysteryTwister C3
- National Institutes of Health (NIH)
- OpenSecurityTraining.info
- Overthewire - filled games.|
- OWASP Broken Web Applications Project
- OWASP GoatDroid - contained training environment for educating developers and testers on Android security. GoatDroid requires minimal dependencies and is ideal for both Android beginners as well as more advanced users.|
- OWASP iGoat
- OWASP Mutillidae II - application providing a target for web-security enthusiast.|
- OWASP Security Shepherd
- OWASP SiteGenerator
- Pentesterlab
- Pentestit.ru
- Peruggia
- PicoCTF
- Professor Messer
- Puzzlemall - A vulnerable web application for practicing session puzzling.|
- Pwnable.kr - commercial wargame site which provides various pwn challenges regarding system exploitation. while playing pwnable.kr, you could learn/improve system hacking skills but that shouldn't be your only purpose.|
- Pwnos
- Reversing.kr
- Ringzero
- Root Me
- Roppers Academy Training
- RPISEC/MBE
- RPISEC/Malware
- SANS Cyber Aces
- Scene One
- SEED Labs
- SentinelTestbed
- SG6 SecGame
- SlaveHack
- SlaveHack 2 *BETA*
- Smashthestack
- SocketToMe
- SQLI labs
- Sqlilabs - up for learning SQL Injection Techniques.|
- SQLzoo - by-step.|
- Stanford SecuriBench / Securibench Micro
- The ButterFly - Security Project
- ThisIsLegal
- Try2Hack - oriented challenges for your entertainment. The challenges are diverse and get progressively harder.|
- TryHackMe - on virtual labs. Whether you are an expert or beginner, learn through a virtual room structure to understand theoretical and practical security elements.|
- UltimateLAMP
- Vicnum - site scripting, SQL injections, and session management issues.|
- Vulnerable Node
- Vulnhub - created solutions.|
- Vulnix
- Vulnserver - based threaded TCP server application that is designed to be exploited.|
- W3Challs
- WackoPicko
- Web Attack and Exploitation Distro - configured with various real-world vulnerable web applications in a sandboxed environment. It includes pen testing tools as well.|
- Web Security Dojo - alone training environment for Web Application Security.|
- WebGoat
- Wechall - related problems. You will find Cryptographic, Crackit, Steganography, Programming, Logic and Math/Science. The difficulty of these challenges varies as well.|
- XSS-game
- XVWA
Programming Languages
Keywords
vulnerability
3
php
3
mysql
2
owasp
2
application-security
2
ctf
2
common-vulnerabilities
1
analyzer
1
sql-injection
1
restore-database
1
learning-sql-injection
1
wargame
1
exploitation
1
websockets
1
vulnerabilities
1
ratchet
1
vulnerable-application
1
cordova
1
android
1
vulnerable
1
vulnapp
1
security
1
pentesting
1
owasp-top-ten
1
owasp-top-10
1
javascript
1
hacking
1
appsec
1
24pullrequests
1
xvwa
1
learning-appsec
1
knowledge
1
whitebox
1
security-analyzers
1
nodejs
1
identified-vulnerabilities
1