An open API service indexing awesome lists of open source software.

https://github.com/haaroon/hacking-challenge-site-links

http://web.archive.org/web/20180121233134/http://www.blackroomsec.com/updated-hacking-challenge-site-links/
https://github.com/haaroon/hacking-challenge-site-links

Last synced: 2 months ago
JSON representation

http://web.archive.org/web/20180121233134/http://www.blackroomsec.com/updated-hacking-challenge-site-links/

Awesome Lists containing this project

README

        

# Hacking-Challenge-Site-Links
http://web.archive.org/web/20180121233134/http://www.blackroomsec.com/updated-hacking-challenge-site-links/

These are 70+ sites which offer free challenges for hackers to practice their skills. Some are web-based challenges, some require VPN access to private labs and some are downloadable ISOs and VMs. I’ve tested the links at the time of this posting and they work.

Most of them are at https://www.wechall.net but if I missed a few they will be there.

WeChall is a portal to hacking challenges where you can link your account to all the sites and get ranked. I’ve been a member since 2/2/14.

Internally to the site they have challenges there as well so make sure you check them out!

To find CTFs go to https://www.ctftime.org

On Twitter in the search field type CTF

Google is also your friend.

———————————————

Update 1/21/18 –

I’m going to be putting these in an alphabetically sorted list for you all but here are more sites I’ve been told about or came across in the last few days since I updated.

OWASP reached out to me and mentioned their Juice Shop
https://www.owasp.org/index.php/OWASP_Juice_Shop_Project

———————————————

Hacker Deep Troll mentioned these:

http://ctf.infosecinstitute.com/index.php

https://ructf.org/index.en.html

http://security.cs.rpi.edu/courses/binexp-spring2015/

———————————————

Hacker Muff Diddly told me about this:

https://labs.cydefe.com/

I checked this out last night and there’s a lot for beginners! I really like this site!

———————————————

Hacker opsxcq showed me their vulnerable projects which look very interesting!

https://github.com/opsxcq/

———————————————

Then there’s SecGen I tweeted about this last year but haven’t had time to play with it.

https://github.com/SecGen/SecGen

Thanks Brendan!

———————————————

Hacker shehackspurple showed me her project Devslop!

https://www.owasp.org/index.php/OWASP_DevSlop_Project

Install and start Docker and GitHub.

Type at your command prompt:

git clone https://github.com/thedeadrobots/pixi.git …

cd pixi

docker-compose up

In your browser: http://localhost:8000/login You’re all set!

———————————————

Then there’s hacker Yas3r’s VM that was featured on Hack The Box but you can download now that it’s been retired

https://yaserfaraj.github.io/vm/Nineveh-VM

Hacker Zach Dayton let me know about this

http://www.underthewire.tech/wargames.htm

———————————————

Update 1/17/18 – More links!

https://ctf.hackerfire.com

http://www.janosgyerik.com/hacking-contest-on-a-live-cd/

https://contained.af/

https://smashthestack.org

https://www.pentestpractice.com/challenges

https://ctf.saluslab.net/

https://demo.ctfd.io/

https://potatopla.net/crypto/

https://cryptopals.com/

———————————————

Update 1/16/18 –

This is a hacking site geared towards kids. I built my first pc at 16. I firmly believe in teaching these techniques to youngsters so they can build on solid foundations and grow with technology that is constantly changing!

https://ctf.hak4kidz.com/

———————————————

Update 1/15/18 –

Hacker Nellebot suggested this and while it’s not a hacking site, I agree that puzzles like this are important to strengthen your skills. In my upcoming hacking notes release, I talk about this very topic!

http://www.deathball.net/notpron/

———————————————

I also added the links mentioned in the responses in my Twitter thread. Thank you! If you know of more, DM me!

———————————————

Second update 1/15/18 – Hacker Evan Booth of Counter Hack suggested I add Holiday Hack. My apologies to Evan and our friends over at SANS/Counter Hack for not including it the first go around. I have IMMENSE respect for what you all do and love you guys and what you give to us! I just thought since it’s a yearly challenge it wouldn’t fit but my bad! They can technically be done all year round. Here it is!

https://www.holidayhackchallenge.com

———————————————–

Thanks to NetBiosX for mentioning

OWASP Hackademic: https://github.com/Hackademic/hackademic/

Make sure you check out all the individual projects on OWASP (there are many!) https://www.owasp.org

and definitely check out their Hacking Lab https://www.hacking-lab.com/index.html which has older challenges which still can be done and upcoming.

https://www.amanhardikar.com/mindmaps/Practice.html

https://www.brainquest.sk/

https://www.bright-shadows.net/

https://www.canyoucrackit.co.uk/

https://www.canyouhack.it/

https://www.captf.com/practice-ctf/

https://www.chall.stypr.com/

https://www.chall.tasteless.eu/

https://www.challengeland.co/

https://www.cmdchallenge.com/

https://www.codechef.com/contests/

https://www.counterhack.net/Counter_Hack/Challenges.html

https://www.cryptoclub.org/challenges/index.php

https://www.ctf.forgottensec.com/wiki/index.php

https://www.dareyourmind.net/

https://www.dftt.sourceforge.net/

https://www.en.hacktest.net/

https://www.enigmagroup.org/

https://www.exploit.co.il/projects/vuln

https://www.exploit-exercises.com

https://www.gendou.com/crypto/

https://hack.me/

https://www.hackburger.ee/

https://www.hackergateway.com/

https://www.hacking-challenges.de/

https://www.hacksplaining.com/exercises

https://www.hackthebox.eu/

https://www.hackthis.co.uk/

https://www.hackthissite.org/

https://www.halls-of-valhalla.org/beta/challenges

https://www.hellboundhackers.org/

https://www.ismellpackets.com/category/packet-challenge/

https://www.javaist.com/rosecode/problems.php

https://lab.pentestit.ru/

https://www.lost-chall.org/

https://www.me.hack.me/login

https://www.microcontest.com/

https://microcorruption.com/login

https://www.mod-x.co.uk/

https://www.net-force.nl/challenges/

https://www.netresec.com/

https://www.newbiecontest.org/index.php

https://www.noe.systems/

https://www.overthewire.org/wargames/

https://www.p0wnlabs.com/free/forensics

https://www.pentest.training/index.php

https://www.pentesterlab.com/exercises/

https://www.plaidctf.com/

https://www.practicalpentestlabs.com/

https://www.praetorian.com/challenges/pwnable

https://www.pwnable.kr/index.php

https://www.pwnable.tw/

http://pwnadventure.com/

https://www.questionengine.securitytreasurehunt.com/

https://www.rankk.org/

https://www.reversing.be/

https://www.reversing.kr/

https://www.root-me.org/?lang=en

https://www.ringzer0team.com

https://www.sabrefilms.co.uk/revolutionelite/

https://www.slavehack.com/

https://www.solveme.peng.kr/

https://www.spoj.com/problems/classical/

https://www.suninatas.com/

https://www.tdhack.com/

https://www.thisislegal.com

http://www.trythis0ne.com/index.php

https://www.trytodecrypt.com/

https://www.vulnhub.com

https://www.w3challs.com/

https://www.wargame.kr/challenge

https://www.wixxerd.com/

https://www.yashira.org/

https://www.yoire.com/