渗透测试攻防练习实验室 （资源分享，国外在线教程）

Vulnerable Web Applications

Vulnerable Web ApplicationsBadStorehttp://www.badstore.net/BodgeIt Storehttp://code.google.com/p/bodgeit/Butterfly Security Projecthttp://thebutterflytmp.sourceforge.net/bWAPPhttp://www.mmeit.be/bwapp/
http://sourceforge.net/projects/bwapp/files/bee-box/Commixhttps://github.com/stasinopoulos/commix-testbedCryptOMGhttps://github.com/SpiderLabs/CryptOMGDamn Vulnerable Node Application (DVNA)https://github.com/quantumfoam/DVNA/Damn Vulnerable Web App (DVWA)http://www.dvwa.co.uk/Damn Vulnerable Web Services (DVWS)http://dvws.professionallyevil.com/Drunk Admin Web Hacking Challengehttps://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/Exploit KB Vulnerable Web Apphttp://exploit.co.il/projects/vuln-web-app/Foundstone Hackme Bankhttp://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspxFoundstone Hackme Bookshttp://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspxFoundstone Hackme Casinohttp://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspxFoundstone Hackme Shippinghttp://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspxFoundstone Hackme Travelhttp://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspxGameOverhttp://sourceforge.net/projects/null-gameover/hackxorhttp://hackxor.sourceforge.net/cgi-bin/index.plHackazonhttps://github.com/rapid7/hackazonLAMPSecurityhttp://sourceforge.net/projects/lampsecurity/Mothhttp://www.bonsai-sec.com/en/research/moth.phpNOWASP / Mutillidae 2http://sourceforge.net/projects/mutillidae/OWASP BWAhttp://code.google.com/p/owaspbwa/OWASP Hackademichttp://hackademic1.teilar.gr/OWASP SiteGeneratorhttps://www.owasp.org/index.php/Owasp_SiteGeneratorOWASP Brickshttp://sourceforge.net/projects/owaspbricks/OWASP Security Shepherdhttps://www.owasp.org/index.php/OWASP_Security_ShepherdPentesterLabhttps://pentesterlab.com/PHDays iBank CTFhttp://blog.phdays.com/2012/05/once-again-about-remote-banking.htmlSecuriBenchhttp://suif.stanford.edu/~livshits/securibench/SentinelTestbedhttps://github.com/dobin/SentinelTestbedSocketToMehttp://digi.ninja/projects/sockettome.phpsqli-labshttps://github.com/Audi-1/sqli-labsMCIR (Magical Code Injection Rainbow)https://github.com/SpiderLabs/MCIRsqlilabshttps://github.com/himadriganguly/sqlilabsVulnApphttp://www.nth-dimension.org.uk/blog.php?id=88PuzzleMallhttp://code.google.com/p/puzzlemall/WackoPickohttps://github.com/adamdoupe/WackoPickoWAEDhttp://www.waed.infoWebGoat.NEThttps://github.com/jerryhoff/WebGoat.NET/WebSecurity Dojohttp://www.mavensecurity.com/web_security_dojo/XVWAhttps://github.com/s4n7h0/xvwaZap WAVEhttp://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zipVulnerable Operating System Installations21LTRhttp://21ltr.com/scenes/Damn Vulnerable Linuxhttp://sourceforge.net/projects/virtualhacking/files/os/dvl/exploit-exercises - nebula, protostar, fusionhttp://exploit-exercises.com/downloadheorot: DE-ICE, hackerdemiahttp://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
hackerdemia - http://hackingdojo.com/downloads/iso/De-ICE_S1.123.isoHolynixhttp://sourceforge.net/projects/holynix/files/Kioptrixhttp://www.kioptrix.com/blog/LAMPSecurityhttp://sourceforge.net/projects/lampsecurity/Metasploitablehttp://sourceforge.net/projects/virtualhacking/files/os/metasploitable/neutronstarhttp://neutronstar.org/goatselinux.htmlPenTest Laboratoryhttp://pentestlab.org/lab-in-a-box/Pentester Labhttps://www.pentesterlab.com/exercisespWnOShttp://www.pwnos.com/RebootUser Vulnixhttp://www.rebootuser.com/?page_id=1041SecGame # 1: Sauronhttp://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.htmlscriptjunkie.ushttp://www.scriptjunkie.us/2012/04/the-hacker-games/UltimateLAMPhttp://www.amanhardikar.com/mindmaps/practice-links.htmlTurnKey Linuxhttp://www.turnkeylinux.org/Bitnamihttps://bitnami.com/stacksElastic Serverhttp://elasticserver.comOS Boxeshttp://www.osboxes.orgVirtualBoxeshttp://virtualboxes.org/images/VirtualBox Virtual Applianceshttps://virtualboximages.com/CentOShttp://www.centos.org/Default Windows Clientshttps://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
https://dev.windows.com/en-us/microsoft-edge/tools/vms/Default Windows Serverhttps://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-technical-previewDefault VMWare vSpherehttp://www.vmware.com/products/vsphere/Sites for Downloading Older Versions of Various SoftwareExploit-DBhttp://www.exploit-db.com/Old Appshttp://www.oldapps.com/Old Versionhttp://www.oldversion.com/VirtualHacking Reposourceforge.net/projects/virtualhacking/files/apps%40realworld/Sites by Vendors of Security Testing SoftwareAcunetix acuforumhttp://testasp.vulnweb.com/Acunetix acubloghttp://testaspnet.vulnweb.com/Acunetix acuarthttp://testphp.vulnweb.com/Cenzic crackmebankhttp://crackme.cenzic.comHP freebankhttp://zero.webappsecurity.comIBM altoromutualhttp://demo.testfire.net/Mavituna testsparkerhttp://aspnet.testsparker.comMavituna testsparkerhttp://php.testsparker.comNTOSpider Test Sitehttp://www.webscantest.com/Sites for Improving Your Hacking SkillsEmbedded Security CTFhttps://microcorruption.comEnigmaGrouphttp://www.enigmagroup.org/Escapehttp://escape.alf.nu/Google Gruyerehttp://google-gruyere.appspot.com/Gh0st Labhttp://www.gh0st.net/Hack This Sitehttp://www.hackthissite.org/HackThishttp://www.hackthis.co.uk/HackQuesthttp://www.hackquest.com/Hack.mehttps://hack.meHacking-Labhttps://www.hacking-lab.comHacker Challengehttp://www.dareyourmind.net/Hacker Testhttp://www.hackertest.net/hACME Gamehttp://www.hacmegame.org/Halls Of Valhallahttp://halls-of-valhalla.org/beta/challengesHax.Torhttp://hax.tor.hu/OverTheWirehttp://www.overthewire.org/wargames/PentestIThttp://www.pentestit.ru/en/CSC Play on Demandhttps://pod.cybersecuritychallenge.org.uk/pwn0https://pwn0.com/home.phpRootContesthttp://rootcontest.com/Root Mehttp://www.root-me.org/?lang=enSecurity Treasure Hunthttp://www.securitytreasurehunt.com/Smash The Stackhttp://www.smashthestack.org/SQLZoohttp://sqlzoo.net/hack/TheBlackSheep and Erikhttp://www.bright-shadows.net/ThisIsLegalhttp://thisislegal.com/Try2Hackhttp://www.try2hack.nl/WabLabhttp://www.wablab.com/hackmeXSS: Can You XSS This?http://canyouxssthis.com/HTMLSanitizer/XSS Gamehttps://xss-game.appspot.com/XSS: ProgPHPhttp://xss.progphp.com/CTF Sites / ArchivesCAPTF Repohttp://captf.com/CTFtime (Details of CTF Challenges)http://ctftime.org/ctfs/CTF write-ups repositoryhttps://github.com/ctfsReddit CTF Announcementshttp://www.reddit.com/r/securityctfshell-storm Repohttp://shell-storm.org/repo/CTF/VulnHubhttps://www.vulnhub.comMobile AppsDamn Vulnerable Android App (DVAA)https://code.google.com/p/dvaa/Damn Vulnerable FirefoxOS Application (DVFA)https://github.com/pwnetrationguru/dvfa/Damn Vulnerable iOS App (DVIA)http://damnvulnerableiosapp.com/ExploitMe Mobile Android Labshttp://securitycompass.github.io/AndroidLabs/ExploitMe Mobile iPhone Labshttp://securitycompass.github.io/iPhoneLabs/Hacme Bank Androidhttp://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspxInsecureBankhttp://www.paladion.net/downloadapp.htmlNcN Wargamehttp://noconname.org/evento/wargame/OWASP iGoathttp://code.google.com/p/owasp-igoat/OWASP Goatdroidhttps://github.com/jackMannino/OWASP-GoatDroid-ProjectLabbinjitsuhttps://github.com/binjitsu/binjitsuCTFdhttps://github.com/isislab/CTFdMellivorahttps://github.com/Nakiami/mellivoraNightShadehttps://github.com/UnrealAkama/NightShadeMCIRhttps://github.com/SpiderLabs/MCIRDockerhttps://www.docker.com/Vagranthttps://www.vagrantup.com/NETinVMhttp://informatica.uv.es/~carlos/docencia/netinvm/SmartOShttps://smartos.org/SmartDataCenterhttps://github.com/joyent/sdcvSphere Hypervisorhttps://www.vmware.com/products/vsphere-hypervisor/GNS3http://sourceforge.net/projects/gns-3/OCCPhttps://opencyberchallenge.net/XAMPPhttps://www.apachefriends.org/index.htmlMiscellaneousVulnVPNhttp://www.rebootuser.com/?page_id=1041VulnVoIPhttp://www.rebootuser.com/?page_id=1041Vulnserverhttp://www.thegreycorner.com/2010/12/introducing-vulnserver.htmlNETinVMhttp://informatica.uv.es/~carlos/docencia/netinvm/DVRFhttps://github.com/praetorian-inc/DVRFHackSys Extreme Vulnerable Driverhttp://www.payatu.com/hacksys-extreme-vulnerable-driver/VirtuaPlanthttps://github.com/jseidl/virtuaplantFosscommhttps://github.com/nikosdano/fosscommMorning Catchhttp://blog.cobaltstrike.com/2014/08/06/introducing-morning-catch-a-phishing-paradise/AWBOhttps://labs.snort.org/awbo/awbo.html