InfosecTrainingLinks

1. hacking] sites. The URLs for individual applications that are part of other collection entities were not given as it is not necessary to download each of them and manually configure them if they are already available in a configured state. For technologies used in each web application, please refer to the mindmap above.
2.  
3. Vulnerable Web Applications
4. BadStore http://www.badstore.net/
5. BodgeIt Store http://code.google.com/p/bodgeit/
6. Butterfly Security Project http://thebutterflytmp.sourceforge.net/
7. bWAPP http://www.mmeit.be/bwapp/
8. http://sourceforge.net/projects/bwapp/files/bee-box/
9. Commix https://github.com/stasinopoulos/commix-testbed
10. CryptOMG https://github.com/SpiderLabs/CryptOMG
11. Damn Vulnerable Node Application (DVNA) https://github.com/quantumfoam/DVNA/
12. Damn Vulnerable Web App (DVWA) http://www.dvwa.co.uk/
13. Damn Vulnerable Web Services (DVWS) http://dvws.professionallyevil.com/
14. Drunk Admin Web Hacking Challenge https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/
15. Exploit KB Vulnerable Web App http://exploit.co.il/projects/vuln-web-app/
16. Foundstone Hackme Bank http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
17. Foundstone Hackme Books http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
18. Foundstone Hackme Casino http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
19. Foundstone Hackme Shipping http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
20. Foundstone Hackme Travel http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
21. GameOver http://sourceforge.net/projects/null-gameover/
22. hackxor http://hackxor.sourceforge.net/cgi-bin/index.pl
23. Hackazon https://github.com/rapid7/hackazon
24. LAMPSecurity http://sourceforge.net/projects/lampsecurity/
25. Moth http://www.bonsai-sec.com/en/research/moth.php
26. NOWASP / Mutillidae 2 http://sourceforge.net/projects/mutillidae/
27. OWASP BWA http://code.google.com/p/owaspbwa/
28. OWASP Hackademic http://hackademic1.teilar.gr/
29. OWASP SiteGenerator https://www.owasp.org/index.php/Owasp_SiteGenerator
30. OWASP Bricks http://sourceforge.net/projects/owaspbricks/
31. OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd
32. PentesterLab https://pentesterlab.com/
33. PHDays iBank CTF http://blog.phdays.com/2012/05/once-again-about-remote-banking.html
34. SecuriBench http://suif.stanford.edu/~livshits/securibench/
35. SentinelTestbed https://github.com/dobin/SentinelTestbed
36. SocketToMe http://digi.ninja/projects/sockettome.php
37. sqli-labs https://github.com/Audi-1/sqli-labs
38. MCIR (Magical Code Injection Rainbow) https://github.com/SpiderLabs/MCIR
39. sqlilabs https://github.com/himadriganguly/sqlilabs
40. VulnApp http://www.nth-dimension.org.uk/blog.php?id=88
41. PuzzleMall http://code.google.com/p/puzzlemall/
42. WackoPicko https://github.com/adamdoupe/WackoPicko
43. WAED http://www.waed.info
44. WebGoat.NET https://github.com/jerryhoff/WebGoat.NET/
45. WebSecurity Dojo http://www.mavensecurity.com/web_security_dojo/
46. XVWA https://github.com/s4n7h0/xvwa
47. Zap WAVE http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
48. Vulnerable Operating System Installations
49. 21LTR http://21ltr.com/scenes/
50. Damn Vulnerable Linux http://sourceforge.net/projects/virtualhacking/files/os/dvl/
51. exploit-exercises - nebula, protostar, fusion http://exploit-exercises.com/download
52. heorot: DE-ICE, hackerdemia http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
53. http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
54. http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
55. http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
56. hackerdemia - http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso
57. Holynix http://sourceforge.net/projects/holynix/files/
58. Kioptrix http://www.kioptrix.com/blog/
59. LAMPSecurity http://sourceforge.net/projects/lampsecurity/
60. Metasploitable http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/
61. neutronstar http://neutronstar.org/goatselinux.html
62. PenTest Laboratory http://pentestlab.org/lab-in-a-box/
63. Pentester Lab https://www.pentesterlab.com/exercises
64. pWnOS http://www.pwnos.com/
65. RebootUser Vulnix http://www.rebootuser.com/?page_id=1041
66. SecGame # 1: Sauron http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html
67. scriptjunkie.us http://www.scriptjunkie.us/2012/04/the-hacker-games/
68. UltimateLAMP http://www.amanhardikar.com/mindmaps/practice-links.html
69. TurnKey Linux http://www.turnkeylinux.org/
70. Bitnami https://bitnami.com/stacks
71. Elastic Server http://elasticserver.com
72. OS Boxes http://www.osboxes.org
73. VirtualBoxes http://virtualboxes.org/images/
74. VirtualBox Virtual Appliances https://virtualboximages.com/
75. CentOS http://www.centos.org/
76. Default Windows Clients https://www.microsoft.com/en-us/evalcenter/evaluate-windows-10-enterprise
77. https://dev.windows.com/en-us/microsoft-edge/tools/vms/
78. Default Windows Server https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-technical-preview
79. Default VMWare vSphere http://www.vmware.com/products/vsphere/
80. Sites for Downloading Older Versions of Various Software
81. Exploit-DB http://www.exploit-db.com/
82. Old Apps http://www.oldapps.com/
83. Old Version http://www.oldversion.com/
84. VirtualHacking Repo sourceforge.net/projects/virtualhacking/files/apps%40realworld/
85. Sites by Vendors of Security Testing Software
86. Acunetix acuforum http://testasp.vulnweb.com/
87. Acunetix acublog http://testaspnet.vulnweb.com/
88. Acunetix acuart http://testphp.vulnweb.com/
89. Cenzic crackmebank http://crackme.cenzic.com
90. HP freebank http://zero.webappsecurity.com
91. IBM altoromutual http://demo.testfire.net/
92. Mavituna testsparker http://aspnet.testsparker.com
93. Mavituna testsparker http://php.testsparker.com
94. NTOSpider Test Site http://www.webscantest.com/
95. Sites for Improving Your Hacking Skills
96. Embedded Security CTF https://microcorruption.com
97. EnigmaGroup http://www.enigmagroup.org/
98. Escape http://escape.alf.nu/
99. Google Gruyere http://google-gruyere.appspot.com/
100. Gh0st Lab http://www.gh0st.net/
101. Hack This Site http://www.hackthissite.org/
102. HackThis http://www.hackthis.co.uk/
103. HackQuest http://www.hackquest.com/
104. Hack.me https://hack.me
105. Hacking-Lab https://www.hacking-lab.com
106. Hacker Challenge http://www.dareyourmind.net/
107. Hacker Test http://www.hackertest.net/
108. hACME Game http://www.hacmegame.org/
109. Halls Of Valhalla http://halls-of-valhalla.org/beta/challenges
110. Hax.Tor http://hax.tor.hu/
111. OverTheWire http://www.overthewire.org/wargames/
112. PentestIT http://www.pentestit.ru/en/
113. CSC Play on Demand https://pod.cybersecuritychallenge.org.uk/
114. pwn0 https://pwn0.com/home.php
115. RootContest http://rootcontest.com/
116. Root Me http://www.root-me.org/?lang=en
117. Security Treasure Hunt http://www.securitytreasurehunt.com/
118. Smash The Stack http://www.smashthestack.org/
119. SQLZoo http://sqlzoo.net/hack/
120. TheBlackSheep and Erik http://www.bright-shadows.net/
121. ThisIsLegal http://thisislegal.com/
122. Try2Hack http://www.try2hack.nl/
123. WabLab http://www.wablab.com/hackme
124. XSS: Can You XSS This? http://canyouxssthis.com/HTMLSanitizer/
125. XSS Game https://xss-game.appspot.com/
126. XSS: ProgPHP http://xss.progphp.com/
127. CTF Sites / Archives
128. CAPTF Repo http://captf.com/
129. CTFtime (Details of CTF Challenges) http://ctftime.org/ctfs/
130. CTF write-ups repository https://github.com/ctfs
131. Reddit CTF Announcements http://www.reddit.com/r/securityctf
132. shell-storm Repo http://shell-storm.org/repo/CTF/
133. VulnHub https://www.vulnhub.com
134. Mobile Apps
135. Damn Vulnerable Android App (DVAA) https://code.google.com/p/dvaa/
136. Damn Vulnerable FirefoxOS Application (DVFA) https://github.com/pwnetrationguru/dvfa/
137. Damn Vulnerable iOS App (DVIA) http://damnvulnerableiosapp.com/
138. ExploitMe Mobile Android Labs http://securitycompass.github.io/AndroidLabs/
139. ExploitMe Mobile iPhone Labs http://securitycompass.github.io/iPhoneLabs/
140. Hacme Bank Android http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx
141. InsecureBank http://www.paladion.net/downloadapp.html
142. NcN Wargame http://noconname.org/evento/wargame/
143. OWASP iGoat http://code.google.com/p/owasp-igoat/
144. OWASP Goatdroid https://github.com/jackMannino/OWASP-GoatDroid-Project
145. Lab
146. binjitsu https://github.com/binjitsu/binjitsu
147. CTFd https://github.com/isislab/CTFd
148. Mellivora https://github.com/Nakiami/mellivora
149. NightShade https://github.com/UnrealAkama/NightShade
150. MCIR https://github.com/SpiderLabs/MCIR
151. Docker https://www.docker.com/
152. Vagrant https://www.vagrantup.com/
153. NETinVM http://informatica.uv.es/~carlos/docencia/netinvm/
154. SmartOS https://smartos.org/
155. SmartDataCenter https://github.com/joyent/sdc
156. vSphere Hypervisor https://www.vmware.com/products/vsphere-hypervisor/
157. GNS3 http://sourceforge.net/projects/gns-3/
158. OCCP https://opencyberchallenge.net/
159. XAMPP https://www.apachefriends.org/index.html
160. Miscellaneous
161. VulnVPN http://www.rebootuser.com/?page_id=1041
162. VulnVoIP http://www.rebootuser.com/?page_id=1041
163. Vulnserver http://www.thegreycorner.com/2010/12/introducing-vulnserver.html
164. NETinVM http://informatica.uv.es/~carlos/docencia/netinvm/
165. DVRF https://github.com/praetorian-inc/DVRF
166. HackSys Extreme Vulnerable Driver http://www.payatu.com/hacksys-extreme-vulnerable-driver/
167. VirtuaPlant https://github.com/jseidl/virtuaplant
168. Fosscomm https://github.com/nikosdano/fosscomm
169. Morning Catch http://blog.cobaltstrike.com/2014/08/06/introducing-morning-catch-a-phishing-paradise/
170. AWBO https://labs.snort.org/awbo/awbo.html
171.  
172. There are other war games sites also. The sites whose core objective is hacking and available for free to all are in the above list. Rest of the sites focus mainly on software cracking, logic/puzzles and therefore not included in the hacking related list.