| Aplicaciones web vulnerables
|
|
OWASP BWA
|
http://code.google.com/p/owaspbwa/
|
|
OWASP Hackademic
|
http://hackademic1.teilar.gr/
|
|
OWASP SiteGenerator
|
https://www.owasp.org/index.php/Owasp_SiteGenerator
|
|
OWASP Bricks
|
http://sourceforge.net/projects/owaspbricks/
|
|
OWASP Security Shepherd
|
https://www.owasp.org/index.php/OWASP_Security_Shepherd
|
|
Damn Vulnerable Web App (DVWA)
|
http://www.dvwa.co.uk/
|
|
Damn Vulnerable Web Services (DVWS)
|
http://dvws.professionallyevil.com/
|
|
WebGoat.NET
|
https://github.com/jerryhoff/WebGoat.NET/
|
|
PentesterLab
|
https://pentesterlab.com/
|
|
Butterfly Security Project
|
http://thebutterflytmp.sourceforge.net/
|
|
Foundstone Hackme Bank
|
http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
|
|
Foundstone Hackme Books
|
http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
|
|
Foundstone Hackme Casino
|
http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
|
|
Foundstone Hackme Shipping
|
http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
|
|
Foundstone Hackme Travel
|
http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
|
|
LAMPSecurity
|
http://sourceforge.net/projects/lampsecurity/
|
|
Moth
|
http://www.bonsai-sec.com/en/research/moth.php
|
|
WackoPicko
|
https://github.com/adamdoupe/WackoPicko
|
|
BadStore
|
http://www.badstore.net/
|
|
WebSecurity Dojo
|
http://www.mavensecurity.com/web_security_dojo/
|
|
BodgeIt Store
|
http://code.google.com/p/bodgeit/
|
|
hackxor
|
http://hackxor.sourceforge.net/cgi-bin/index.pl
|
|
SecuriBench
|
http://suif.stanford.edu/~livshits/securibench/
|
|
SQLol
|
https://github.com/SpiderLabs/SQLol
|
|
CryptOMG
|
https://github.com/SpiderLabs/CryptOMG
|
|
XMLmao
|
https://github.com/SpiderLabs/XMLmao
|
|
Exploit KB Vulnerable Web App
|
http://exploit.co.il/projects/vuln-web-app/
|
|
PHDays iBank CTF
|
http://blog.phdays.com/2012/05/once-again-about-remote-banking.html
|
|
GameOver
|
http://sourceforge.net/projects/null-gameover/
|
|
Zap WAVE
|
http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
|
|
PuzzleMall
|
http://code.google.com/p/puzzlemall/
|
|
VulnApp
|
http://www.nth-dimension.org.uk/blog.php?id=88
|
|
sqli-labs
|
https://github.com/Audi-1/sqli-labs
|
|
Drunk Admin Web Hacking Challenge
|
https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/
|
|
bWAPP
|
http://www.mmeit.be/bwapp/
http://sourceforge.net/projects/bwapp/files/bee-box/
|
|
NOWASP / Mutillidae 2
|
http://sourceforge.net/projects/mutillidae/
|
|
SocketToMe
|
http://digi.ninja/projects/sockettome.php
|
| Sistemas operativos vulnerables
|
|
Damn Vulnerable Linux
|
http://sourceforge.net/projects/virtualhacking/files/os/dvl/
|
|
Metasploitable
|
http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/
|
|
LAMPSecurity
|
http://sourceforge.net/projects/lampsecurity/
|
|
UltimateLAMP
|
http://www.amanhardikar.com/mindmaps/practice-links.html
|
|
heorot: DE-ICE, hackerdemia
|
http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
hackerdemia - http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso
|
|
pWnOS
|
http://www.pwnos.com/
|
|
Holynix
|
http://sourceforge.net/projects/holynix/files/
|
|
Kioptrix
|
http://www.kioptrix.com/blog/
|
|
exploit-exercises - nebula, protostar, fusion
|
http://exploit-exercises.com/download
|
|
PenTest Laboratory
|
http://pentestlab.org/lab-in-a-box/
|
|
RebootUser Vulnix
|
http://www.rebootuser.com/?page_id=1041
|
|
neutronstar
|
http://neutronstar.org/goatselinux.html
|
|
scriptjunkie.us
|
http://www.scriptjunkie.us/2012/04/the-hacker-games/
|
|
21LTR
|
http://21ltr.com/scenes/
|
|
SecGame # 1: Sauron
|
http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html
|
|
Pentester Lab
|
https://www.pentesterlab.com/exercises
|
|
Vulnserver
|
http://www.thegreycorner.com/2010/12/introducing-vulnserver.html
|
|
TurnKey Linux
|
http://www.turnkeylinux.org/
|
|
Bitnami
|
https://bitnami.com/stacks
|
|
Elastic Server
|
http://elasticserver.com
|
|
CentOS
|
http://www.centos.org/
|
| Sitios para descargar versiones antiguas de software
|
|
Exploit-DB
|
http://www.exploit-db.com/
|
|
Old Version
|
http://www.oldversion.com/
|
|
Old Apps
|
http://www.oldapps.com/
|
|
VirtualHacking Repo
|
sourceforge.net/projects/virtualhacking/files/apps%40realworld/
|
| Sitios por fabricante de software de testing de seguridad
|
|
Acunetix acuforum
|
http://testasp.vulnweb.com/
|
|
Acunetix acublog
|
http://testaspnet.vulnweb.com/
|
|
Acunetix acuart
|
http://testphp.vulnweb.com/
|
|
Cenzic crackmebank
|
http://crackme.cenzic.com
|
|
HP freebank
|
http://zero.webappsecurity.com
|
|
IBM altoromutual
|
http://demo.testfire.net/
|
|
Mavituna testsparker
|
http://aspnet.testsparker.com
|
|
Mavituna testsparker
|
http://php.testsparker.com
|
|
NTOSpider Test Site
|
http://www.webscantest.com/
|
| Sitios para mejorar tu perfil de hacking
|
|
EnigmaGroup
|
http://www.enigmagroup.org/
|
|
Exploit Exercises
|
http://exploit-exercises.com/
|
|
Google Gruyere
|
http://google-gruyere.appspot.com/
|
|
Gh0st Lab
|
http://www.gh0st.net/
|
|
Hack This Site
|
http://www.hackthissite.org/
|
|
HackThis
|
http://www.hackthis.co.uk/
|
|
HackQuest
|
http://www.hackquest.com/
|
|
Hack.me
|
https://hack.me
|
|
Hacking-Lab
|
https://www.hacking-lab.com
|
|
Hacker Challenge
|
http://www.dareyourmind.net/
|
|
Hacker Test
|
http://www.hackertest.net/
|
|
hACME Game
|
http://www.hacmegame.org/
|
|
Hax.Tor
|
http://hax.tor.hu/
|
|
OverTheWire
|
http://www.overthewire.org/wargames/
|
|
PentestIT
|
http://www.pentestit.ru/en/
|
|
pwn0
|
https://pwn0.com/home.php
|
|
RootContest
|
http://rootcontest.com/
|
|
Root Me
|
http://www.root-me.org/?lang=en
|
|
Security Treasure Hunt
|
http://www.securitytreasurehunt.com/
|
|
Smash The Stack
|
http://www.smashthestack.org/
|
|
TheBlackSheep and Erik
|
http://www.bright-shadows.net/
|
|
ThisIsLegal
|
http://thisislegal.com/
|
|
Try2Hack
|
http://www.try2hack.nl/
|
|
WabLab
|
http://www.wablab.com/hackme
|
|
XSS: Can You XSS This?
|
http://canyouxssthis.com/HTMLSanitizer/
|
|
XSS: ProgPHP
|
http://xss.progphp.com/
|
| Sitios de CTF / Archivos
|
|
CTFtime (Details of CTF Challenges)
|
http://ctftime.org/ctfs/
|
|
shell-storm Repo
|
http://shell-storm.org/repo/CTF/
|
|
CAPTF Repo
|
http://captf.com/
|
|
VulnHub
|
https://www.vulnhub.com
|
| Aplicaciones móviles
|
|
ExploitMe Mobile Android Labs
|
http://securitycompass.github.io/AndroidLabs/
|
|
ExploitMe Mobile iPhone Labs
|
http://securitycompass.github.io/iPhoneLabs/
|
|
OWASP iGoat
|
http://code.google.com/p/owasp-igoat/
|
|
OWASP Goatdroid
|
https://github.com/jackMannino/OWASP-GoatDroid-Project
|
|
Damn Vulnerable iOS App (DVIA)
|
http://damnvulnerableiosapp.com/
|
|
Damn Vulnerable Android App (DVAA)
|
https://code.google.com/p/dvaa/
|
|
Damn Vulnerable FirefoxOS Application (DVFA)
|
https://github.com/pwnetrationguru/dvfa/
|
|
NcN Wargame
|
http://noconname.org/evento/wargame/
|
|
Hacme Bank Android
|
http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx
|
|
InsecureBank
|
http://www.paladion.net/downloadapp.html
|
| Miscelánea
|
|
VulnVPN
|
http://www.rebootuser.com/?page_id=1041
|
|
VulnVoIP
|
http://www.rebootuser.com/?page_id=1041
|
|
NETinVM
|
http://informatica.uv.es/~carlos/docencia/netinvm/
|
|
GNS3
|
http://sourceforge.net/projects/gns-3/
|
|
XAMPP
|
https://www.apachefriends.org/index.html |
