Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

awesome-sec-challenges

A curated list of Awesome Security Challenges.
https://github.com/mikeprivette/awesome-sec-challenges

Last synced: 4 days ago
JSON representation

  • Capture The Flag

    • AI/ML CTFs

    • Cloud-Focused

      • CloudFoxable - An intentionally vulnerable Amazon Web Services (AWS) environment.
      • CloudGoat - A vulnerable by design Amazon Web Services (AWS) deployment tool.
      • CONVEX - An open-source CTF platform that lets you spin up CTF events in your Microsoft Azure environment.
      • Damn Vulnerable Cloud Application - an intentionally vulnerable cloud application to teach privilege escalation on Amazon Web Services (AWS).
      • IAM Vulnerable - Use Terraform to deploy IAM resources to learn how to identify and exploit vulnerable IAM configurations.
      • Lambhack - A vulnerable serverless Amazon Web Services (AWS) lambda application.
      • ServerlessGoat - An Amazon Web Services (AWS) serverless application that demonstrates common serverless security flaws.
      • CloudSec Tidbits - Infrastructure as Code (IaC) laboratory reproducing interesting pentest findings by DoyenSec.
      • GCP Goat - An intentionally vulnerable GCP environment to learn and practice GCP security.
      • FLAWS - A CTF site based on common mistakes and gotchas when using Amazon Web Services (AWS).
      • FLAWS2 - The sequel to the flAWS.cloud CTF site with both an Attacker and Defender track using Amazon Web Services (AWS).
      • S3 CTF Challenges - A series of challenges focusing on Amazon Web Services (AWS) S3 misconfigurations.
      • The Big IAM Challenge by Wiz - A hosted Identity and Access Management (IAM) based CTF.
      • Thunder CTF - A CTF site based on attacking vulnerable cloud projects on Google Cloud Platform (GCP).
    • CTF Platforms

      • Facebook CTF - A CTF platform by Facebook to host Jeopardy and “King of the Hill” style Capture the Flag competitions.
      • HackThisSite - A CTF site to practice your ethical hacking skills.
      • OverTheWire - A series of CTFs to practice security concepts in the form of fun-filled games.
      • TryHackMe - An online CTF platform that teaches you about hacking and pentesting by way of gamified challenges.
    • Vulnerable Platforms

      • Damn Vulnerable Bank - An intentionally vulnerable Android banking application.
      • Damn Vulnerable Linux - A vulnerable Linux distribution designed to help sysadmins to better understand how to secure Linux.
      • Damn Vulnerable Web App - A vulnerable PHP/MySQL web application designed to help web developers better understand securing web apps.
      • OWASP Juice Shop - An insecure web application written in Node.js that is vulnerable to the [OWASP Top 10](https://owasp.org/www-project-top-ten/) web application security risks and other real-world vulnerabilities.
    • Introductory Education

      • Cyber Start - High School level introductory hacking courses.
  • Web 3

    • Introductory Education

      • DeFiVulnLabs - A site to learn about Web3 solidity security training on Foundry.
      • DeFiHackLabs - A site that uses real past DeFi hack incidents to let you recreate how the hacks happened and how to secure them.
  • Cryptography

    • Introductory Education

      • Cryptopals - A site to learn about cryptography through problem-solving and programming.
      • CryptoHack - A free platform for learning modern cryptography.
      • MysteryTwister C3 - A variety of tasks and riddles (challenges) at four levels of difficulty.