EvilZone
Other => Found it on the Webs => : geXXos July 01, 2013, 07:02:45 PM
-
Here's a list of some CTF practice sites and tools or CTFs that are long-running.
http://captf.com/ (http://captf.com/) Capture the Flag
Live Online Games
Recommended
Whether they're being updated, contain high quality challenges, or just have a lot of depth, these are probably where you want to spend the most time.
http://hax.tor.hu/ (http://hax.tor.hu/)
https://pwn0.com/ (https://pwn0.com/)
http://www.smashthestack.org/ (http://www.smashthestack.org/)
http://www.hellboundhackers.org/ (http://www.hellboundhackers.org/)
http://www.overthewire.org/wargames/ (http://www.overthewire.org/wargames/)
http://counterhack.net/Counter_Hack/Challenges.html (http://counterhack.net/Counter_Hack/Challenges.html)
http://www.hackthissite.org/ (http://www.hackthissite.org/)
http://exploit-exercises.com/ (http://exploit-exercises.com/)
http://vulnhub.com/ (http://vulnhub.com/)
Others
http://damo.clanteam.com/ (http://damo.clanteam.com/)
http://p6drad-teel.net/~windo/wargame/ (http://p6drad-teel.net/~windo/wargame/)
http://roothack.org/ (http://roothack.org/)
http://bright-shadows.net/ (http://bright-shadows.net/)
http://www.mod-x.co.uk/main.php (http://www.mod-x.co.uk/main.php)
http://scanme.nmap.org/ (http://scanme.nmap.org/)
http://www.hackertest.net/ (http://www.hackertest.net/)
http://net-force.nl/ (http://net-force.nl/)
http://securityoverride.org/ (http://securityoverride.org/) Some good concepts, but "canned" vulnerabilities (string matching on input) will frustrate knowledgable hackers and teach newbies the wrong lessons
Meta
http://www.wechall.net/sites.php (http://www.wechall.net/sites.php) (excellent list of challenge sites)
http://ctf.forgottensec.com/wiki/ (http://ctf.forgottensec.com/wiki/) (good CTF wiki, though focused on CCDC)
http://repo.shell-storm.org/CTF/ (http://repo.shell-storm.org/CTF/) (great archive of recent CTFs)
Webapp Specific
http://demo.testfire.net/ (http://demo.testfire.net/)
http://wocares.com/xsstester.php (http://wocares.com/xsstester.php)
http://crackme.cenzic.com/ (http://crackme.cenzic.com/)
http://test.acunetix.com/ (http://test.acunetix.com/)
http://zero.webappsecurity.com/ (http://zero.webappsecurity.com/)
http://ha.ckers.org/challenge/ (http://ha.ckers.org/challenge/)
http://ha.ckers.org/challenge2/ (http://ha.ckers.org/challenge2/)
Forensics Specific
http://computer-forensics.sans.org/community/challenges (http://computer-forensics.sans.org/community/challenges)
http://www.dc3.mil/challenge/ (http://www.dc3.mil/challenge/)
http://forensicscontest.com/ (http://forensicscontest.com/)
Recruiting
http://rtncyberjobs.com/ (http://rtncyberjobs.com/)
http://0x41414141.com/ (http://0x41414141.com/)
Paid Training
http://heorot.net/ (http://heorot.net/)
Downloadable Offline Games
http://www.badstore.net/ (http://www.badstore.net/)
http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project (http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project)
http://www.owasp.org/index.php/Owasp_SiteGenerator (http://www.owasp.org/index.php/Owasp_SiteGenerator)
Damn Vulnerable Web App
Stanford SecureBench
Stanford SecureBench Micro
Damn Vulnerable Linux (not currently live? local mirror)
http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 (http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10)
Inactive or Gone
Just around for historical sake, or on the off-chance they come back.
http://rootcontest.com/ (http://rootcontest.com/)
http://intruded.net/ (http://intruded.net/)
https://how2hack.net (https://how2hack.net)
WebMaven (Buggy Bank) (http://www.mavensecurity.com/WebMaven/)
http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm (http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm)
http://www.foundstone.com/us/resources/proddesc/hacmebooks.htm (http://www.foundstone.com/us/resources/proddesc/hacmebooks.htm)
http://www.foundstone.com/us/resources/proddesc/hacmecasino.htm (http://www.foundstone.com/us/resources/proddesc/hacmecasino.htm)
http://www.foundstone.com/us/resources/proddesc/hacmeshipping.htm (http://www.foundstone.com/us/resources/proddesc/hacmeshipping.htm)
http://hackme.ntobjectives.com/ (http://hackme.ntobjectives.com/)
http://testphp.acunetix.com/ (http://testphp.acunetix.com/)
http://testasp.acunetix.com/Default.asp (http://testasp.acunetix.com/Default.asp)
http://prequals.nuitduhack.com (http://prequals.nuitduhack.com)
http://www.gat3way.eu/index.php (http://www.gat3way.eu/index.php) (Russian)
-
You and Kulverstukas are on a rampage! I can't keep up with the applauds, unfortunately. Thanks for all the shares, I'll sure use most of them to practice and learn new things.
-
i vote yes for geXXos's VIP status. I mean jesus man you post at least 3 new links a day to check out. do you spend your entire day just surfing the web for new hacking sites?
edit: forgot to say obvious +1. love you!
-
Thanks Snayler and Darkvision nice you liked it guys love you too .
-
You and Kulverstukas are on a rampage! I can't keep up with the applauds, unfortunately. Thanks for all the shares, I'll sure use most of them to practice and learn new things.
Ya man, if you say, I'll marry you. ;D
Sorry, you can't repeat a karma action without waiting 1 hours.
Doesn't really matter, I still have to give you +2.
-
Hehe, thanks paradox, but i will say no to your proposal, i love only vagina's ....XD
Is nice to share, bro :)
-
nice list,
done most of these... some are proper lame tho.., (SO.ORG)
-
Fantastic share geXXos. +1