awesome-hacking-training

A continuous learning environment. New challenges are added monthly, to enable you to continuously learn, hack and improve.

A real life cyber range where you build their own servers and defend them while attacking other servers.

Test your skills by hacking your way through hundreds of challenges, and learn cybersecurity in community.

It is a kind of archive about CTF competitions.

Team competitions that consist of a set of computer security challenges involving reverse-engineering, memory corruption, cryptography, web technologies, and more.

Carefully crafted environments based on real vulnerabilities, released pentests and bug bounty findings.

A place for practicing XSS, in particular filter bypassing. It requires familiarity of JavaScript and URL encoding / HTML encoding.

DOM Security learning platform with different levels, each level targetting on different sources and sinks.

Learn return-oriented programming (ROP) through a series of challenges.

In this training program, you will learn to find and exploit XSS bugs.

Cybersecurity platform that presents a number of challenges in Cryptography and Steganography, Exploiting, Forensics, Networking, and Reversing.

Provides a variety of resources to learn about vulnerability analysis, exploit development, software debugging, binary analysis, and general cybersecurity topics.

A platform for learn in web hacking and bug bounties.

Cybersecurity training platform, includes academy, labs, CTFs, and job board.

A free training ground to test and expand their ethical hacking skills with challenges, CTFs, and more.

A cybersecurity upskilling platform with training, scenarios, labs, and warm-ups.

Cloud labs by Hack The Box for learning offensive and defensive security.

Learn AWS security by attacking and defending cloud environments.

Through a series of levels you'll learn about common mistakes and gotchas when using Amazon Web Services (AWS).

Put your knowledge into practice with gamified cyber security challenges.

This portal is your gateway to documented digital forensic image datasets.

Hands-On Blue Team Training with hands-on experience by investigating real cyber attacks inside a simulated SOC.

A PHP application with over 100 web vulnerabilities. It covers all major known web bugs, including all risks from the OWASP Top 10 project.

A PHP/MariaDB web application that is intentionally vulnerable, designed to help users test their skills and tools while enabling web developers to better understand how to secure web applications.

A platform to learn about major vulnerabilities affecting the technology stack and to practice hacking real vulnerable applications to understand how attacks work.

An open-source web application intentionally designed with vulnerabilities for educational and security testing purposes.

A highly configurable web application security training platform that can be used by a single local user, in a competitive classroom environment, or in an online hacking competition.

A framework designed for quickly configuring training virtual machines with tools and vulnerable application targets.

This is a simple place where you can download crackmes to improve your reverse engineering skills.

Introductory course to binary exploitation/reverse engineering based on CTF (Capture The Flag) challenges.

Reverse engineering exercises that include different architectures and operating systems.

A modern platform built on a microservices architecture that helps you understand the ten most critical API security risks. An OWASP project.

A vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs.

An API built with PHP and MySQL that simulates OWASP API Top 10 scenarios through practical exercises.

An API developed using .NET 7.0 and MongoDB, based on the findings listed in the OWASP 2019 API Security Top 10.