PenTesting Challenges

https://www.amanhardikar.com/mindmaps/Practice.html

Following table gives the URLs of all the vulnerable web applications, operating system installations, old software and war games [hacking] sites. The URLs for individual applications that are part of other collection entities were not given as it is not necessary to download each of them and manually configure them if they are already available in a configured state. For technologies used in each web application, please refer to the mindmap above.

Vulnerable Web Applications

Butterfly Security Project

Damn Vulnerable Node Application (DVNA)

Damn Vulnerable Web App (DVWA)

Damn Vulnerable Web Services (DVWS)

Exploit KB Vulnerable Web App

MCIR (Magical Code Injection Rainbow)

Vulnerable Operating System Installations

exploit-exercises - nebula, protostar, fusion

VirtualBox Virtual Appliances

Sites for Downloading Older Versions of Various Software

Sites by Vendors of Security Testing Software

Cenzic crackmebank

Mavituna testsparker

Mavituna testsparker

NTOSpider Test Site

Sites for Improving Your Hacking Skills

Embedded Security CTF

TheBlackSheep and Erik

CTF Sites / Archives

CTFtime (Details of CTF Challenges)

CTF write-ups repository

Reddit CTF Announcements

Mobile Apps

Damn Vulnerable Android App (DVAA)

Damn Vulnerable FirefoxOS Application (DVFA)

Damn Vulnerable iOS App (DVIA)

Lab

Miscellaneous

There are other war games sites also. The sites whose core objective is hacking and available for free to all are in the above list. Rest of the sites focus mainly on software cracking, logic/puzzles and therefore not included in the hacking related list. More mindmaps and templates in the MindMaps section at http://www.amanhardikar.com/mindmaps.html

Last updated

Was this helpful?