penetration testing


공부용 프레임워크 & war game 사이트 입니다. 해봤던 것들도 꽤 있네요 ㅎㅎ


원본 : http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/



Web Pentesting

Application NameCompany/DeveloperURL
OWASP WebGoatOWASPhttp://www.owasp.org/index.php/OWASP_WebGoat_Project
OWASP VicnumOWASPhttp://www.owasp.org/index.php/Category:OWASP_Vicnum_Project
OWASP InsecureWebAppOWASPhttp://www.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project
Web Security DOJOMaven SecurityConsultinghttp://www.mavensecurity.com/web_security_dojo/
Gruyere (antigo Codelab / Jalsberg)Googlehttp://google-gruyere.appspot.com/
Hacme GameNTNUhttp://hacmegame.org/
SPI DynamicsSPI Dynamicshttp://zero.webappsecurity.com/
Acunetix 1Acunetixhttp://testphp.vulnweb.com/
Acunetix 2Acunetixhttp://testasp.vulnweb.com/
Acunetix 3Acunetixhttp://testaspnet.vulnweb.com/
PCTechtips ChallengePC Tech Tipshttp://pctechtips.org/hacker-challenge-pwn3d-the-login-form/
Damn VulnerableWeb ApplicationDVWAhttp://dvwa.co.uk/
MutillidaeIron Geekhttp://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
The ButterflySecurity ProjectThe Butterfly Securityhttp://sourceforge.net/projects/thebutterflytmp/
Hacme CasinoMcAfeehttp://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
Hacme Bank 2.0McAfeehttp://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
Updated HackmeBankMcAfeehttp://www.o2-ounceopen.com/technical-info/2008/12/8/updated-version-of-hacmebank.html
Hacme BooksMcAfeehttp://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
Hacme TravelMcAfeehttp://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
Hacme ShippingMcAfeehttp://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
MothBonsai Sechttp://www.bonsai-sec.com/en/research/moth.php
Stanford SecuriBenchStandfordhttp://suif.stanford.edu/%7Elivshits/securibench/
SecuriBench MicroStandfordhttp://suif.stanford.edu/%7Elivshits/work/securibench-micro/
BadStoreBadStorehttp://www.badstore.net/
WebMaven/Buggy BankMaven Securityhttp://www.mavensecurity.com/webmaven
EnigmaGroupEnigma Grouphttp://enigmagroup.org/
XSS Encoding Skills – x5s (Casaba Watcher)X5Shttp://www.nottrusted.com/x5s/
Exploit- DBExploit DBhttp://www.exploit-db.com/webapps
The Bodgeit StoreThe Bodgeit Storehttp://code.google.com/p/bodgeit/
LampSecurityMadIrishhttp://sourceforge.net/projects/lampsecurity/
hackxorHackxorhttp://hackxor.sourceforge.net/cgi-bin/index.pl
WackoPickoWackoPicko

https://github.com/adamdoupe/WackoPicko

RSnake’s Vulnerability LabRSnakehttp://ha.ckers.org/weird/

 

War Games

Application NameCompany / DeveloperURL
Hell Bound HackersHell Bound Hackershttp://hellboundhackers.org/
Vulnerability AssessmentKevin Orreyhttp://www.vulnerabilityassessment.co.uk/
Smash the StackSmash the Stackhttp://www.smashthestack.org/
Over the WireOver the Wirehttp://www.overthewire.org/wargames/
Hack This SiteHack This Sitehttp://www.hackthissite.org/
Hacking LabHacking Labhttps://www.hacking-lab.com/
We ChallWe Challhttps://www.wechall.net/
REMnuxREMnuxhttp://zeltser.com/remnux/

 

Insecure Distributions

Application NameCompany / DeveloperURL
Damm Vulnerable LinuxDVLhttp://www.damnvulnerablelinux.org/
MetasploitableOffensive Securityhttp://blog.metasploit.com/2010/05/introducing-metasploitable.html
de-ICEHacker Junkiehttp://www.de-ice.net/
MothBonsai Security Softwarehttp://www.bonsai-sec.com/en/research/moth.php
PwnOSNiel Dicksonhttp://www.neildickson.com/os/
HolynixPynstromhttp://pynstrom.net/holynix.php

+ Recent posts