Vulnerable Machines/Applications
| Description | |
|---|---|
| OWASP Juice Shop | Is a modern vulnerable web application written in Node.js, Express, and Angular which showcases the entire OWASP Top Ten along with many other real-world application security flaws. |
| Metasploitable 2 | Is a purposefully vulnerable Ubuntu Linux VM that can be used to practice enumeration, automated, and manual exploitation. |
| Metasploitable 3 | Is a template for building a vulnerable Windows VM configured with a wide range of vulnerabilities. |
| DVWA | This is a vulnerable PHP/MySQL web application showcasing many common web application vulnerabilities with varying degrees of difficulty. |
YouTube Channels
| Name | Description |
|---|---|
| IppSec | Provides an extremely in-depth walkthrough of every retired HTB box packed full of insight from his own experience, as well as videos on various techniques. |
| VbScrub | Provides HTB videos as well as videos on techniques, primarily focusing on Active Directory exploitation. |
| STÖK | Provides videos on various infosec related topics, mainly focusing on bug bounties and web application penetration testing. |
| LiveOverflow | Provides videos on a wide variety of technical infosec topics. |
Blogs
0xdf hacks stuff | CTF solutions, malware analysis, home lab development
Tutorial Websites
For practicing scripting skills.
UTW – Under the Wire… PowerShell Training for the People