Practice CTF List - Capture the Flag - WG.

[geXXos]

Here's a list of some CTF practice sites and tools or CTFs that are long-running.

http://captf.com/   Capture the Flag

Live Online Games


Recommended


Whether they're being updated, contain high quality challenges, or just have a lot of depth, these are probably where you want to spend the most time.


http://hax.tor.hu/
https://pwn0.com/
http://www.smashthestack.org/
http://www.hellboundhackers.org/
http://www.overthewire.org/wargames/
http://counterhack.net/Counter_Hack/Challenges.html
http://www.hackthissite.org/
http://exploit-exercises.com/
http://vulnhub.com/
Others


http://damo.clanteam.com/
http://p6drad-teel.net/~windo/wargame/
http://roothack.org/
http://bright-shadows.net/
http://www.mod-x.co.uk/main.php
http://scanme.nmap.org/
http://www.hackertest.net/
http://net-force.nl/
http://securityoverride.org/ Some good concepts, but "canned" vulnerabilities (string matching on input) will frustrate knowledgable hackers and teach newbies the wrong lessons
Meta


http://www.wechall.net/sites.php (excellent list of challenge sites)
http://ctf.forgottensec.com/wiki/ (good CTF wiki, though focused on CCDC)
http://repo.shell-storm.org/CTF/ (great archive of recent CTFs)
Webapp Specific


http://demo.testfire.net/
http://wocares.com/xsstester.php
http://crackme.cenzic.com/
http://test.acunetix.com/
http://zero.webappsecurity.com/
http://ha.ckers.org/challenge/
http://ha.ckers.org/challenge2/
Forensics Specific


http://computer-forensics.sans.org/community/challenges
http://www.dc3.mil/challenge/
http://forensicscontest.com/
Recruiting


http://rtncyberjobs.com/
http://0x41414141.com/
Paid Training


http://heorot.net/
Downloadable Offline Games


http://www.badstore.net/
http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
http://www.owasp.org/index.php/Owasp_SiteGenerator
Damn Vulnerable Web App
Stanford SecureBench
Stanford SecureBench Micro
Damn Vulnerable Linux (not currently live? local mirror)
http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
Inactive or Gone


Just around for historical sake, or on the off-chance they come back.


http://rootcontest.com/
http://intruded.net/
https://how2hack.net
WebMaven (Buggy Bank)
http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm
http://www.foundstone.com/us/resources/proddesc/hacmebooks.htm
http://www.foundstone.com/us/resources/proddesc/hacmecasino.htm
http://www.foundstone.com/us/resources/proddesc/hacmeshipping.htm
http://hackme.ntobjectives.com/
http://testphp.acunetix.com/
http://testasp.acunetix.com/Default.asp
http://prequals.nuitduhack.com
http://www.gat3way.eu/index.php (Russian)

[Snayler]

You and Kulverstukas are on a rampage! I can't keep up with the applauds, unfortunately. Thanks for all the shares, I'll sure use most of them to practice and learn new things.

[Darkvision]

i vote yes for geXXos's VIP status. I mean jesus man you post at least 3 new links a day to check out. do you spend your entire day just surfing the web for new hacking sites?


edit: forgot to say obvious +1. love you!

[geXXos]

Thanks Snayler and Darkvision nice you liked it guys love you too .

[parad0x]

You and Kulverstukas are on a rampage! I can't keep up with the applauds, unfortunately. Thanks for all the shares, I'll sure use most of them to practice and learn new things.

Ya man, if you say, I'll marry you.


Sorry, you can't repeat a karma action without waiting 1 hours.

Doesn't really matter, I still have to give you +2.

[geXXos]

Hehe, thanks paradox, but i will say no to your proposal, i love only vagina's ....XD

Is nice to share, bro

[imation]

nice list,

done most of these... some are proper lame tho.., (SO.ORG)

[Axon]

Fantastic share geXXos. +1