Scribd
Upload
295 views

Vuln

This document lists numerous web applications, operating systems, and mobile applications that have been intentionally developed to contain vulnerabilities for testing purposes. It also provides links to sites that host vulnerable software, old and deprecated application versions, capture the flag games, and sites to improve hacking skills. The resources listed are useful for penetration testers, vulnerability researchers, and others seeking to enhance their skills in a legal, controlled environment.

Uploaded by

ivan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
295 views

Vuln

This document lists numerous web applications, operating systems, and mobile applications that have been intentionally developed to contain vulnerabilities for testing purposes. It also provides links to sites that host vulnerable software, old and deprecated application versions, capture the flag games, and sites to improve hacking skills. The resources listed are useful for penetration testers, vulnerability researchers, and others seeking to enhance their skills in a legal, controlled environment.

Uploaded by

ivan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 7

APLICACIONES WEB VULNERABLES

OWASP BWA
http://code.google.com/p/owaspbwa/

OWASP Hackademic
http://hackademic1.teilar.gr/

OWASP SiteGenerator
https://www.owasp.org/index.php/Owasp_SiteGenerator

OWASP Bricks
http://sourceforge.net/projects/owaspbricks/

OWASP Security Shepherd


https://www.owasp.org/index.php/OWASP_Security_Shepherd

Damn Vulnerable Web App (DVWA)


http://www.dvwa.co.uk/

Damn Vulnerable Web Services (DVWS)


http://dvws.professionallyevil.com/

WebGoat.NET
https://github.com/jerryhoff/WebGoat.NET/

PentesterLab
https://pentesterlab.com/

Butterfly Security Project


http://thebutterflytmp.sourceforge.net/

Foundstone Hackme Bank


http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx

Foundstone Hackme Books


http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx

Foundstone Hackme Casino


http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx

Foundstone Hackme Shipping


http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx

Foundstone Hackme Travel


http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx

LAMPSecurity
http://sourceforge.net/projects/lampsecurity/

Moth
http://www.bonsai-sec.com/en/research/moth.php

WackoPicko
https://github.com/adamdoupe/WackoPicko

BadStore
http://www.badstore.net/
WebSecurity Dojo
http://www.mavensecurity.com/web_security_dojo/

BodgeIt Store
http://code.google.com/p/bodgeit/

hackxor
http://hackxor.sourceforge.net/cgi-bin/index.pl

SecuriBench
http://suif.stanford.edu/~livshits/securibench/

SQLol
https://github.com/SpiderLabs/SQLol

CryptOMG
https://github.com/SpiderLabs/CryptOMG

XMLmao
https://github.com/SpiderLabs/XMLmao

Exploit KB Vulnerable Web App


http://exploit.co.il/projects/vuln-web-app/

PHDays iBank CTF


http://blog.phdays.com/2012/05/once-again-about-remote-banking.html

GameOver
http://sourceforge.net/projects/null-gameover/

Zap WAVE
http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip

PuzzleMall
http://code.google.com/p/puzzlemall/

VulnApp
http://www.nth-dimension.org.uk/blog.php?id=88

sqli-labs
https://github.com/Audi-1/sqli-labs

Drunk Admin Web Hacking Challenge


https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/

bWAPP
http://www.mmeit.be/bwapp/
http://sourceforge.net/projects/bwapp/files/bee-box/

NOWASP / Mutillidae 2
http://sourceforge.net/projects/mutillidae/

SocketToMe
http://digi.ninja/projects/sockettome.php

SISTEMAS OPERATIVOS VULNERABLES


Damn Vulnerable Linux
http://sourceforge.net/projects/virtualhacking/files/os/dvl/
Metasploitable
http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/

LAMPSecurity
http://sourceforge.net/projects/lampsecurity/

UltimateLAMP
http://www.amanhardikar.com/mindmaps/practice-links.html

heorot: DE-ICE, hackerdemia


http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso

hackerdemia
http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso

pWnOS
http://www.pwnos.com/

Holynix
http://sourceforge.net/projects/holynix/files/

Kioptrix
http://www.kioptrix.com/blog/

exploit-exercises – nebula, protostar, fusion


http://exploit-exercises.com/download

PenTest Laboratory
http://pentestlab.org/lab-in-a-box/

RebootUser Vulnix
http://www.rebootuser.com/?page_id=1041

neutronstar
http://neutronstar.org/goatselinux.html

scriptjunkie.us
http://www.scriptjunkie.us/2012/04/the-hacker-games/

21LTR
http://21ltr.com/scenes/

SecGame # 1: Sauron
http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html

Pentester Lab
https://www.pentesterlab.com/exercises

Vulnserver
http://www.thegreycorner.com/2010/12/introducing-vulnserver.html

TurnKey Linux
http://www.turnkeylinux.org/

Bitnami
https://bitnami.com/stacks
Elastic Server
http://elasticserver.com

CentOS
http://www.centos.org/

SITIOS PARA DESCARGAR APLICACIONES VIEJAS

Exploit-DB
http://www.exploit-db.com/

Old Version
http://www.oldversion.com/

Old Apps
http://www.oldapps.com/

VirtualHacking Repo
sourceforge.net/projects/virtualhacking/files/apps%40realworld/

SITIOS DE VENDEDORES DE SOFTWARE DE SEGURIDAD


Acunetix acuforum
http://testasp.vulnweb.com/

Acunetix acublog
http://testaspnet.vulnweb.com/

Acunetix acuart
http://testphp.vulnweb.com/

Cenzic crackmebank
http://crackme.cenzic.com

HP freebank
http://zero.webappsecurity.com

IBM altoromutual
http://demo.testfire.net/

Mavituna testsparker
http://aspnet.testsparker.com

Mavituna testsparker
http://php.testsparker.com

NTOSpider Test Site


http://www.webscantest.com/

SITIOS PARA MEJORAR TUS HABILIDADES DE HACKER

EnigmaGroup
http://www.enigmagroup.org/

Exploit Exercises
http://exploit-exercises.com/

Google Gruyere
http://google-gruyere.appspot.com/
Gh0st Lab
http://www.gh0st.net/

Hack This Site


http://www.hackthissite.org/

HackThis
http://www.hackthis.co.uk/

HackQuest
http://www.hackquest.com/

Hack.me
https://hack.me

Hacking-Lab
https://www.hacking-lab.com

Hacker Challenge
http://www.dareyourmind.net/

Hacker Test
http://www.hackertest.net/

hACME Game
http://www.hacmegame.org/

Hax.Tor
http://hax.tor.hu/

OverTheWire
http://www.overthewire.org/wargames/

PentestIT
http://www.pentestit.ru/en/

pwn0
https://pwn0.com/home.php

RootContest
http://rootcontest.com/

Root Me
http://www.root-me.org/?lang=en

Security Treasure Hunt


http://www.securitytreasurehunt.com/

Smash The Stack


http://www.smashthestack.org/

TheBlackSheep and Erik


http://www.bright-shadows.net/

ThisIsLegal
http://thisislegal.com/

Try2Hack
http://www.try2hack.nl/

WabLab
http://www.wablab.com/hackme

XSS: Can You XSS This?


http://canyouxssthis.com/HTMLSanitizer/

XSS: ProgPHP
http://xss.progphp.com/

SITIOS DE “CAPTURA DE BANDERA” (CTF)

CTFtime (Details of CTF Challenges)


http://ctftime.org/ctfs/

shell-storm Repo
http://shell-storm.org/repo/CTF/

CAPTF Repo
http://captf.com/

VulnHub
https://www.vulnhub.com

APLICACIONES MOVILES

ExploitMe Mobile Android Labs


http://securitycompass.github.io/AndroidLabs/

ExploitMe Mobile iPhone Labs


http://securitycompass.github.io/iPhoneLabs/

OWASP iGoat
http://code.google.com/p/owasp-igoat/

OWASP Goatdroid
https://github.com/jackMannino/OWASP-GoatDroid-Project

Damn Vulnerable iOS App (DVIA)


http://damnvulnerableiosapp.com/

Damn Vulnerable Android App (DVAA)


https://code.google.com/p/dvaa/

Damn Vulnerable FirefoxOS Application (DVFA)


https://github.com/pwnetrationguru/dvfa/

NcN Wargame
http://noconname.org/evento/wargame/

Hacme Bank Android


http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx

InsecureBank
http://www.paladion.net/downloadapp.html

OTRAS
VulnVPN
http://www.rebootuser.com/?page_id=1041

VulnVoIP
http://www.rebootuser.com/?page_id=1041

NETinVM
http://informatica.uv.es/~carlos/docencia/netinvm/

GNS3
http://sourceforge.net/projects/gns-3/

XAMPP
https://www.apachefriends.org/index.html

You might also like