Penetration Testing Source WebSites

1. https://www.cyberizm.org/cyberizm-penetration-testing-uygulama-merkezi-acikli-sistemler-paylasimi.html
2.  
3. Penetration Testing Uygulama Merkezi Açıklı Sistemler Laboratuvarlar Paylaşımı
4.  
5. [img]http://i.hizliresim.com/8PWRX7.png[/img]
6.  
7. Kaynak => [hide][code]http://www.amanhardikar.com/mindmaps/Practice.html[/code][/hide]
8.  
9. Vulnerable Web Applications
10. ___________________________
11.  
12. [hide]BadStore http://www.badstore.net/
13. BodgeIt Store http://code.google.com/p/bodgeit/
14. Butterfly Security Project http://thebutterflytmp.sourceforge.net/
15. bWAPP http://www.mmeit.be/bwapp/
16. http://sourceforge.net/projects/bwapp/files/bee-box/
17. Commix https://github.com/stasinopoulos/commix-testbed
18. CryptOMG https://github.com/SpiderLabs/CryptOMG
19. Damn Vulnerable Node Application (DVNA) https://github.com/quantumfoam/DVNA/
20. Damn Vulnerable Web App (DVWA) http://www.dvwa.co.uk/
21. Damn Vulnerable Web Services (DVWS) http://dvws.professionallyevil.com/
22. Drunk Admin Web Hacking Challenge https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/
23. Exploit KB Vulnerable Web App http://exploit.co.il/projects/vuln-web-app/
24. Foundstone Hackme Bank http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
25. Foundstone Hackme Books http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
26. Foundstone Hackme Casino http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
27. Foundstone Hackme Shipping http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
28. Foundstone Hackme Travel http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
29. GameOver http://sourceforge.net/projects/null-gameover/
30. hackxor http://hackxor.sourceforge.net/cgi-bin/index.pl
31. Hackazon https://github.com/rapid7/hackazon
32. LAMPSecurity http://sourceforge.net/projects/lampsecurity/
33. Moth http://www.bonsai-sec.com/en/research/moth.php
34. NOWASP / Mutillidae 2 http://sourceforge.net/projects/mutillidae/
35. OWASP BWA http://code.google.com/p/owaspbwa/
36. OWASP Hackademic http://hackademic1.teilar.gr/
37. OWASP SiteGenerator https://www.owasp.org/index.php/Owasp_SiteGenerator
38. OWASP Bricks http://sourceforge.net/projects/owaspbricks/
39. OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd
40. PentesterLab https://pentesterlab.com/
41. PHDays iBank CTF http://blog.phdays.com/2012/05/once-again-about-remote-banking.html
42. SecuriBench http://suif.stanford.edu/~livshits/securibench/
43. SentinelTestbed https://github.com/dobin/SentinelTestbed
44. SocketToMe http://digi.ninja/projects/sockettome.php
45. sqli-labs https://github.com/Audi-1/sqli-labs
46. MCIR (Magical Code Injection Rainbow) https://github.com/SpiderLabs/MCIR
47. sqlilabs https://github.com/himadriganguly/sqlilabs
48. VulnApp http://www.nth-dimension.org.uk/blog.php?id=88
49. PuzzleMall http://code.google.com/p/puzzlemall/
50. WackoPicko https://github.com/adamdoupe/WackoPicko
51. WAED http://www.waed.info
52. WebGoat.NET https://github.com/jerryhoff/WebGoat.NET/
53. WebSecurity Dojo http://www.mavensecurity.com/web_security_dojo/
54. XVWA https://github.com/s4n7h0/xvwa
55. Zap WAVE http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
56. Vulnerable Operating System Installations
57. 21LTR http://21ltr.com/scenes/
58. Damn Vulnerable Linux http://sourceforge.net/projects/virtualhacking/files/os/dvl/
59. exploit-exercises - nebula, protostar, fusion http://exploit-exercises.com/download
60. heorot: DE-ICE, hackerdemia http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
61. http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
62. http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
63. http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
64. hackerdemia - http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso
65. Holynix http://sourceforge.net/projects/holynix/files/
66. Kioptrix http://www.kioptrix.com/blog/
67. LAMPSecurity http://sourceforge.net/projects/lampsecurity/
68. Metasploitable http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/
69. neutronstar http://neutronstar.org/goatselinux.html
70. PenTest Laboratory http://pentestlab.org/lab-in-a-box/
71. Pentester Lab https://www.pentesterlab.com/exercises
72. pWnOS http://www.pwnos.com/
73. RebootUser Vulnix http://www.rebootuser.com/?page_id=1041
74. SecGame # 1: Sauron http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html
75. scriptjunkie.us http://www.scriptjunkie.us/2012/04/the-hacker-games/
76. UltimateLAMP http://www.amanhardikar.com/mindmaps/practice-links.html
77. TurnKey Linux http://www.turnkeylinux.org/
78. Bitnami https://bitnami.com/stacks
79. Elastic Server http://elasticserver.com
80. OS Boxes http://www.osboxes.org
81. VirtualBoxes http://virtualboxes.org/images/
82. VirtualBox Virtual Appliances https://virtualboximages.com/
83. CentOS http://www.centos.org/
84. Default Windows Clients https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
85. https://dev.windows.com/en-us/microsoft-edge/tools/vms/
86. Default Windows Server https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-technical-preview
87. Default VMWare vSphere http://www.vmware.com/products/vsphere/
88. Sites for Downloading Older Versions of Various Software
89. Exploit-DB http://www.exploit-db.com/
90. Old Apps http://www.oldapps.com/
91. Old Version http://www.oldversion.com/
92. VirtualHacking Repo sourceforge.net/projects/virtualhacking/files/apps%40realworld/
93. Sites by Vendors of Security Testing Software
94. Acunetix acuforum http://testasp.vulnweb.com/
95. Acunetix acublog http://testaspnet.vulnweb.com/
96. Acunetix acuart http://testphp.vulnweb.com/
97. Cenzic crackmebank http://crackme.cenzic.com
98. HP freebank http://zero.webappsecurity.com
99. IBM altoromutual http://demo.testfire.net/
100. Mavituna testsparker http://aspnet.testsparker.com
101. Mavituna testsparker http://php.testsparker.com
102. NTOSpider Test Site http://www.webscantest.com/
103. Sites for Improving Your Hacking Skills
104. Embedded Security CTF https://microcorruption.com
105. EnigmaGroup http://www.enigmagroup.org/
106. Escape http://escape.alf.nu/
107. Google Gruyere http://google-gruyere.appspot.com/
108. Gh0st Lab http://www.gh0st.net/
109. Hack This Site http://www.hackthissite.org/
110. HackThis http://www.hackthis.co.uk/
111. HackQuest http://www.hackquest.com/
112. Hack.me https://hack.me
113. Hacking-Lab https://www.hacking-lab.com
114. Hacker Challenge http://www.dareyourmind.net/
115. Hacker Test http://www.hackertest.net/
116. hACME Game http://www.hacmegame.org/
117. Halls Of Valhalla http://halls-of-valhalla.org/beta/challenges
118. Hax.Tor http://hax.tor.hu/
119. OverTheWire http://www.overthewire.org/wargames/
120. PentestIT http://www.pentestit.ru/en/
121. CSC Play on Demand https://pod.cybersecuritychallenge.org.uk/
122. pwn0 https://pwn0.com/home.php
123. RootContest http://rootcontest.com/
124. Root Me http://www.root-me.org/?lang=en
125. Security Treasure Hunt http://www.securitytreasurehunt.com/
126. Smash The Stack http://www.smashthestack.org/
127. SQLZoo http://sqlzoo.net/hack/
128. TheBlackSheep and Erik http://www.bright-shadows.net/
129. ThisIsLegal http://thisislegal.com/
130. Try2Hack http://www.try2hack.nl/
131. WabLab http://www.wablab.com/hackme
132. XSS: Can You XSS This? http://canyouxssthis.com/HTMLSanitizer/
133. XSS Game https://xss-game.appspot.com/
134. XSS: ProgPHP http://xss.progphp.com/
135. CTF Sites / Archives
136. CAPTF Repo http://captf.com/
137. CTFtime (Details of CTF Challenges) http://ctftime.org/ctfs/
138. CTF write-ups repository https://github.com/ctfs
139. Reddit CTF Announcements http://www.reddit.com/r/securityctf
140. shell-storm Repo http://shell-storm.org/repo/CTF/
141. VulnHub https://www.vulnhub.com
142. Mobile Apps
143. Damn Vulnerable Android App (DVAA) https://code.google.com/p/dvaa/
144. Damn Vulnerable FirefoxOS Application (DVFA) https://github.com/pwnetrationguru/dvfa/
145. Damn Vulnerable iOS App (DVIA) http://damnvulnerableiosapp.com/
146. ExploitMe Mobile Android Labs http://securitycompass.github.io/AndroidLabs/
147. ExploitMe Mobile iPhone Labs http://securitycompass.github.io/iPhoneLabs/
148. Hacme Bank Android http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx
149. InsecureBank http://www.paladion.net/downloadapp.html
150. NcN Wargame http://noconname.org/evento/wargame/
151. OWASP iGoat http://code.google.com/p/owasp-igoat/
152. OWASP Goatdroid https://github.com/jackMannino/OWASP-GoatDroid-Project
153. Lab
154. binjitsu https://github.com/binjitsu/binjitsu
155. CTFd https://github.com/isislab/CTFd
156. Mellivora https://github.com/Nakiami/mellivora
157. NightShade https://github.com/UnrealAkama/NightShade
158. MCIR https://github.com/SpiderLabs/MCIR
159. Docker https://www.docker.com/
160. Vagrant https://www.vagrantup.com/
161. NETinVM http://informatica.uv.es/~carlos/docencia/netinvm/
162. SmartOS https://smartos.org/
163. SmartDataCenter https://github.com/joyent/sdc
164. vSphere Hypervisor https://www.vmware.com/products/vsphere-hypervisor/
165. GNS3 http://sourceforge.net/projects/gns-3/
166. OCCP https://opencyberchallenge.net/
167. XAMPP https://www.apachefriends.org/index.html
168. Miscellaneous
169. VulnVPN http://www.rebootuser.com/?page_id=1041
170. VulnVoIP http://www.rebootuser.com/?page_id=1041
171. Vulnserver http://www.thegreycorner.com/2010/12/introducing-vulnserver.html
172. NETinVM http://informatica.uv.es/~carlos/docencia/netinvm/
173. DVRF https://github.com/praetorian-inc/DVRF
174. HackSys Extreme Vulnerable Driver http://www.payatu.com/hacksys-extreme-vulnerable-driver/
175. VirtuaPlant https://github.com/jseidl/virtuaplant
176. Fosscomm https://github.com/nikosdano/fosscomm
177. Morning Catch http://blog.cobaltstrike.com/2014/08/06/introducing-morning-catch-a-phishing-paradise/
178. AWBO https://labs.snort.org/awbo/awbo.html[/hide]