Skip to content

Instantly share code, notes, and snippets.

@sebnapi
Created May 30, 2014 21:32
Show Gist options
  • Star 3 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save sebnapi/040a5225c24c25f12455 to your computer and use it in GitHub Desktop.
Save sebnapi/040a5225c24c25f12455 to your computer and use it in GitHub Desktop.
Penetration Test Laboratories [Vulnerable VM's, Web App's]
Axis2 Web service and Tomcat Manager
CVE-2012-6081: Moinmoin Code Execution
CVE-2008-1930: Wordpress 2.5 Cookie Integrity Protection Vulnerability
CVE-2012-2661: ActiveRecord SQL injection
CVE-2012-1823: PHP CGI
From SQL injection to Shell I
From SQL injection to Shell II
From SQL injection to Shell PostGreSQL Edition
Introduction to Linux Host Review
Rack Cookies and Commands Injection
PHP Include And Post Exploitation
Web For Pentester I
Web For Pentester II
Kioptrix http://www.kioptrix.com/blog/?page_id=135
Kioptrix VM Level 1
Kioptrix VM Level 1.1
Kioptrix VM Level 1.2
Kioptrix VM Level 1.3
OWASP Bricks http://sourceforge.net/projects/owaspbricks
Dakatua 2.0
Barak 1.9
Atrai - 1.8
Phalgu - 1.7
Raidak - 1.6
Lachen - 1.5
Punpun - 1.4
Torsa - 1.3
Feni - 1.2
Betwa - 1.1
Narmada - 1.0
De-ICE http://hackingdojo.com/dojo-media/
De-ICE S1.100
De-ICE S1.110
De-ICE S1.120
De-ICE S1.123
De-ICE S1.130
De-ICE S1.140
De-ICE S2.100
bWAPP - Buggy Web Application [1.7] http://www.itsecgames.com/
NOWASP (Mutillidae) http://sourceforge.net/projects/mutillidae/
Web Security Dojo [2.1] http://sourceforge.net/projects/websecuritydojo
OWASP Hackademic Challenges Project [0.1.1] https://www.owasp.org/index.php/OWASP_Hackademic_Challenges_Project
The Magical Code Injection Rainbow https://github.com/SpiderLabs/MCIR
Metasploitable [2.0] http://sourceforge.net/projects/metasploitable/
GameOver [0.1] https://sourceforge.net/projects/null-gameover/
Hackxor [1.1] http://sourceforge.net/projects/hackxor/
Stanford SecuriBench http://suif.stanford.edu/~livshits/securibench/
OWASP Vicnum Project [15] http://sourceforge.net/projects/vicnum/
The ButterFly - Security Project [1.0 Linux] http://sourceforge.net/projects/thebutterflytmp/
OWASP Hackademic Challenges Project [0.1.1] https://code.google.com/p/owasp-hackademic-challenges/
BodgeIt Store [1.4.0] http://code.google.com/p/bodgeit/
pWnOS [2.0.7] http://www.pwnos.com/
Gruyere http://google-gruyere.appspot.com/
OWASP WebGoat Project https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
Damn Vulnerable Web Application (DVWA) http://www.dvwa.co.uk/
OWASP Broken Web Applications Project [1.1.1] http://sourceforge.net/projects/owaspbwa/
WackoPicko https://github.com/adamdoupe/WackoPicko
Moth http://www.bonsai-sec.com/en/research/moth.php
exploit.co.il Vulnerable Web App http://sourceforge.net/projects/exploitcoilvuln
Holynix [2.0] http://sourceforge.net/projects/holynix
from http://www.reddit.com/r/hacking/comments/256g7l/penetration_test_laboratories_vulnerable_vms_web/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment