| Aplicaciones web vulnerables |
| OWASP BWA | http://code.google.com/p/owaspbwa/ |
| OWASP Hackademic | http://hackademic1.teilar.gr/ |
| OWASP SiteGenerator | https://www.owasp.org/index.php/Owasp_SiteGenerator |
| OWASP Bricks | http://sourceforge.net/projects/owaspbricks/ |
| OWASP Security Shepherd | https://www.owasp.org/index.php/OWASP_Security_Shepherd |
| Damn Vulnerable Web App (DVWA) | http://www.dvwa.co.uk/ |
| Damn Vulnerable Web Services (DVWS) | http://dvws.professionallyevil.com/ |
| WebGoat.NET | https://github.com/jerryhoff/WebGoat.NET/ |
| PentesterLab | https://pentesterlab.com/ |
| Butterfly Security Project | http://thebutterflytmp.sourceforge.net/ |
| Foundstone Hackme Bank | http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx |
| Foundstone Hackme Books | http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx |
| Foundstone Hackme Casino | http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx |
| Foundstone Hackme Shipping | http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx |
| Foundstone Hackme Travel | http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx |
| LAMPSecurity | http://sourceforge.net/projects/lampsecurity/ |
| Moth | http://www.bonsai-sec.com/en/research/moth.php |
| WackoPicko | https://github.com/adamdoupe/WackoPicko |
| BadStore | http://www.badstore.net/ |
| WebSecurity Dojo | http://www.mavensecurity.com/web_security_dojo/ |
| BodgeIt Store | http://code.google.com/p/bodgeit/ |
| hackxor | http://hackxor.sourceforge.net/cgi-bin/index.pl |
| SecuriBench | http://suif.stanford.edu/~livshits/securibench/ |
| SQLol | https://github.com/SpiderLabs/SQLol |
| CryptOMG | https://github.com/SpiderLabs/CryptOMG |
| XMLmao | https://github.com/SpiderLabs/XMLmao |
| Exploit KB Vulnerable Web App | http://exploit.co.il/projects/vuln-web-app/ |
| PHDays iBank CTF | http://blog.phdays.com/2012/05/once-again-about-remote-banking.html |
| GameOver | http://sourceforge.net/projects/null-gameover/ |
| Zap WAVE | http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip |
| PuzzleMall | http://code.google.com/p/puzzlemall/ |
| VulnApp | http://www.nth-dimension.org.uk/blog.php?id=88 |
| sqli-labs | https://github.com/Audi-1/sqli-labs |
| Drunk Admin Web Hacking Challenge | https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/ |
| bWAPP | http://www.mmeit.be/bwapp/
http://sourceforge.net/projects/bwapp/files/bee-box/ |
| NOWASP / Mutillidae 2 | http://sourceforge.net/projects/mutillidae/ |
| SocketToMe | http://digi.ninja/projects/sockettome.php
|
| Sistemas operativos vulnerables |
| Damn Vulnerable Linux | http://sourceforge.net/projects/virtualhacking/files/os/dvl/ |
| Metasploitable | http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/ |
| LAMPSecurity | http://sourceforge.net/projects/lampsecurity/ |
| UltimateLAMP | http://www.amanhardikar.com/mindmaps/practice-links.html |
| heorot: DE-ICE, hackerdemia | http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso hackerdemia - http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso |
| pWnOS | http://www.pwnos.com/ |
| Holynix | http://sourceforge.net/projects/holynix/files/ |
| Kioptrix | http://www.kioptrix.com/blog/ |
| exploit-exercises - nebula, protostar, fusion | http://exploit-exercises.com/download |
| PenTest Laboratory | http://pentestlab.org/lab-in-a-box/ |
| RebootUser Vulnix | http://www.rebootuser.com/?page_id=1041 |
| neutronstar | http://neutronstar.org/goatselinux.html |
| scriptjunkie.us | http://www.scriptjunkie.us/2012/04/the-hacker-games/ |
| 21LTR | http://21ltr.com/scenes/ |
| SecGame # 1: Sauron | http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html |
| Pentester Lab | https://www.pentesterlab.com/exercises |
| Vulnserver | http://www.thegreycorner.com/2010/12/introducing-vulnserver.html |
| TurnKey Linux | http://www.turnkeylinux.org/ |
| Bitnami | https://bitnami.com/stacks |
| Elastic Server | http://elasticserver.com |
| CentOS | http://www.centos.org/ |
| Sitios para descargar versiones antiguas de software |
| Exploit-DB | http://www.exploit-db.com/ |
| Old Version | http://www.oldversion.com/ |
| Old Apps | http://www.oldapps.com/ |
| VirtualHacking Repo | sourceforge.net/projects/virtualhacking/files/apps%40realworld/ |
| Sitios por fabricante de software de testing de seguridad |
| Acunetix acuforum | http://testasp.vulnweb.com/ |
| Acunetix acublog | http://testaspnet.vulnweb.com/ |
| Acunetix acuart | http://testphp.vulnweb.com/ |
| Cenzic crackmebank | http://crackme.cenzic.com |
| HP freebank | http://zero.webappsecurity.com |
| IBM altoromutual | http://demo.testfire.net/ |
| Mavituna testsparker | http://aspnet.testsparker.com |
| Mavituna testsparker | http://php.testsparker.com |
| NTOSpider Test Site | http://www.webscantest.com/ |
| Sitios para mejorar tu perfil de hacking |
| EnigmaGroup | http://www.enigmagroup.org/ |
| Exploit Exercises | http://exploit-exercises.com/ |
| Google Gruyere | http://google-gruyere.appspot.com/ |
| Gh0st Lab | http://www.gh0st.net/ |
| Hack This Site | http://www.hackthissite.org/ |
| HackThis | http://www.hackthis.co.uk/ |
| HackQuest | http://www.hackquest.com/ |
| Hack.me | https://hack.me |
| Hacking-Lab | https://www.hacking-lab.com |
| Hacker Challenge | http://www.dareyourmind.net/ |
| Hacker Test | http://www.hackertest.net/ |
| hACME Game | http://www.hacmegame.org/ |
| Hax.Tor | http://hax.tor.hu/ |
| OverTheWire | http://www.overthewire.org/wargames/ |
| PentestIT | http://www.pentestit.ru/en/ |
| pwn0 | https://pwn0.com/home.php |
| RootContest | http://rootcontest.com/ |
| Root Me | http://www.root-me.org/?lang=en |
| Security Treasure Hunt | http://www.securitytreasurehunt.com/ |
| Smash The Stack | http://www.smashthestack.org/ |
| TheBlackSheep and Erik | http://www.bright-shadows.net/ |
| ThisIsLegal | http://thisislegal.com/ |
| Try2Hack | http://www.try2hack.nl/ |
| WabLab | http://www.wablab.com/hackme |
| XSS: Can You XSS This? | http://canyouxssthis.com/HTMLSanitizer/ |
| XSS: ProgPHP | http://xss.progphp.com/ |
| Sitios de CTF / Archivos |
| CTFtime (Details of CTF Challenges) | http://ctftime.org/ctfs/ |
| shell-storm Repo | http://shell-storm.org/repo/CTF/ |
| CAPTF Repo | http://captf.com/ |
| VulnHub | https://www.vulnhub.com |
| Aplicaciones móviles |
| ExploitMe Mobile Android Labs | http://securitycompass.github.io/AndroidLabs/ |
| ExploitMe Mobile iPhone Labs | http://securitycompass.github.io/iPhoneLabs/ |
| OWASP iGoat | http://code.google.com/p/owasp-igoat/ |
| OWASP Goatdroid | https://github.com/jackMannino/OWASP-GoatDroid-Project |
| Damn Vulnerable iOS App (DVIA) | http://damnvulnerableiosapp.com/ |
| Damn Vulnerable Android App (DVAA) | https://code.google.com/p/dvaa/ |
| Damn Vulnerable FirefoxOS Application (DVFA) | https://github.com/pwnetrationguru/dvfa/ |
| NcN Wargame | http://noconname.org/evento/wargame/ |
| Hacme Bank Android | http://www.mcafee.com/us/downloads/free-tools/hacme-bank-android.aspx |
| InsecureBank | http://www.paladion.net/downloadapp.html |
| Miscelánea |
| VulnVPN | http://www.rebootuser.com/?page_id=1041 |
| VulnVoIP | http://www.rebootuser.com/?page_id=1041 |
| NETinVM | http://informatica.uv.es/~carlos/docencia/netinvm/ |
| GNS3 | http://sourceforge.net/projects/gns-3/ |
| XAMPP | https://www.apachefriends.org/index.html |
