Lista com aplicações e ambientes web para realização de testes de intrusão e estudos

Tags: , , , , ,

08/03/2015 → Gustavo Lima → Comentários: 1

Domingo produtivo este hein..

Pois é pessoal, trago para vc’s, leitores do blog, mais uma lista bem bacana e que servirá de sorte para aqueles que desejam aprender, e até mesmo, melhorar o seu skill no que diz respeito a testes de intrusão focados em aplicações Web.

Tem de tudo nesta lista e espero que vc’s gostem.

Vulnerable Web Applications
OWASP BWA http://code.google.com/p/owaspbwa/
OWASP Hackademic http://hackademic1.teilar.gr/
OWASP SiteGenerator https://www.owasp.org/index.php/Owasp_SiteGenerator
OWASP Bricks http://sourceforge.net/projects/owaspbricks/
OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd
Damn Vulnerable Web App (DVWA) http://www.dvwa.co.uk/
Damn Vulnerable Web Services (DVWS) http://dvws.professionallyevil.com/
WebGoat.NET https://github.com/jerryhoff/WebGoat.NET/
PentesterLab https://pentesterlab.com/
Butterfly Security Project http://thebutterflytmp.sourceforge.net/
Foundstone Hackme Bank http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
Foundstone Hackme Books http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
Foundstone Hackme Casino http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
Foundstone Hackme Shipping http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
Foundstone Hackme Travel http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
LAMPSecurity http://sourceforge.net/projects/lampsecurity/
Moth http://www.bonsai-sec.com/en/research/moth.php
WackoPicko https://github.com/adamdoupe/WackoPicko
BadStore http://www.badstore.net/
WebSecurity Dojo http://www.mavensecurity.com/web_security_dojo/
BodgeIt Store http://code.google.com/p/bodgeit/
hackxor http://hackxor.sourceforge.net/cgi-bin/index.pl
SecuriBench http://suif.stanford.edu/~livshits/securibench/
SQLol https://github.com/SpiderLabs/SQLol
CryptOMG https://github.com/SpiderLabs/CryptOMG
XMLmao https://github.com/SpiderLabs/XMLmao
Exploit KB Vulnerable Web App http://exploit.co.il/projects/vuln-web-app/
PHDays iBank CTF http://blog.phdays.com/2012/05/once-again-about-remote-banking.html
GameOver http://sourceforge.net/projects/null-gameover/
Zap WAVE http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
PuzzleMall http://code.google.com/p/puzzlemall/
VulnApp http://www.nth-dimension.org.uk/blog.php?id=88
sqli-labs https://github.com/Audi-1/sqli-labs
Drunk Admin Web Hacking Challenge https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/
bWAPP http://www.mmeit.be/bwapp/
http://sourceforge.net/projects/bwapp/files/bee-box/
NOWASP / Mutillidae 2 http://sourceforge.net/projects/mutillidae/
SocketToMe http://digi.ninja/projects/sockettome.php
Vulnerable Operating System Installations
Damn Vulnerable Linux http://sourceforge.net/projects/virtualhacking/files/os/dvl/
Metasploitable http://sourceforge.net/projects/virtualhacking/files/os/metasploitable/
LAMPSecurity http://sourceforge.net/projects/lampsecurity/
UltimateLAMP http://www.amanhardikar.com/mindmaps/practice-links.html
heorot: DE-ICE, hackerdemia http://hackingdojo.com/downloads/iso/De-ICE_S1.100.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.110.iso
http://hackingdojo.com/downloads/iso/De-ICE_S1.120.iso
http://hackingdojo.com/downloads/iso/De-ICE_S2.100.iso
hackerdemia – http://hackingdojo.com/downloads/iso/De-ICE_S1.123.iso
pWnOS http://www.pwnos.com/
Holynix http://sourceforge.net/projects/holynix/files/
Kioptrix http://www.kioptrix.com/blog/
exploit-exercises – nebula, protostar, fusion http://exploit-exercises.com/download
PenTest Laboratory http://pentestlab.org/lab-in-a-box/
RebootUser Vulnix http://www.rebootuser.com/?page_id=1041
neutronstar http://neutronstar.org/goatselinux.html
scriptjunkie.us http://www.scriptjunkie.us/2012/04/the-hacker-games/
21LTR http://21ltr.com/scenes/
SecGame # 1: Sauron http://sg6-labs.blogspot.co.uk/2007/12/secgame-1-sauron.html
Pentester Lab https://www.pentesterlab.com/exercises
Vulnserver http://www.thegreycorner.com/2010/12/introducing-vulnserver.html
TurnKey Linux http://www.turnkeylinux.org/
Bitnami https://bitnami.com/stacks
Elastic Server http://elasticserver.com
CentOS http://www.centos.org/

VEJA TAMBÉM

 Mastering Nginx Nginx sem dúvidas é o webserver mais fantástico que existe no mercado. E os motivos para isso são claros: A sua arquitetura é simples e o seu processamento é bem diferente do velho índio, o Apache....
Hacking9 Extra Web Server Security Download A edição especial da Revista Hakin9 - Extra Web Server Security Download, trouxe uma série de reportagens interessantes quanto a segurança focada em servidores Web. Alguns tipos de ataque, módulos ...
Penetration Testing – para download É com grande felicidade qua anuncio que o pessoal do bookdl liberou para consulta o livro Penetration Testing, este publicado pela editora nostarch, e de leitura mais do que recomendada para todo prot...
COMPARTILHE ESTE ARTIGO

COMENTÁRIOS

Um comentário em “Lista com aplicações e ambientes web para realização de testes de intrusão e estudos

DEIXAR UM COMENTÁRIO

MENU