Clever Geek Handbook

Pentest sites in 2021. The most complete guide

Since I set out to organize, catalog and collect the most complete list of sites for pentesting, I decided to do it here, so as not to enjoy my work alone.





This list is the most complete list of sites for self-preparation for a pentest to date. Here are collected projects, both new and already, perhaps, rare. So let's go:





:







Hack the box





TOP list





, 127 , 65 CTF- AD. , , .





Hack The Box Hack The Box : - , , , .





Web-Security Academy





Burp Suite. Bug Bounty









OWASP Juice Shop





OWASP Juice Shop โ€”  - , , JavaScript. , .   , -.









Pentesterlab





PentesterLab- , , , - -. PRO, 200 . .









Root-Me





-, 200 50 . ,





VulnHub





VM









Tryhackme





. , , , TryHackMe , , .









Hacker 101









Hacker101- , HackerOne - BugBounty . - .









PentestIt









Pentestit.   Pentestit  .





PentesterAcademy





- . . - . 249$ . .









Atack&Defense





2176 ! , .





CTF Antichat





Antichat โ€” โ€”   CTF-  .





ctf.antichat.com โ€” ( , ) . , .





Avatao





600+ , 10+









Capture The Flag At UCF





.









Exploit Education





Exploit Education. Exploit Education , , , ,









CSAW 365





, .









Practical Pentest Labs





web- Windows. 43$ .









Hack Me





Hack.me - . ยซ ยป ,









XSS Game





Google XSS-









Hackerdom





RuCtf.









FreeHackQuest





KeVa









Hacking-Lab





. , CTF: , , -. VPN . , , .





Enigma Group





Enigma Group 300 -10 OWASP. 48000 CTF-, .





CTFlearn





CTFlearn- , , .





CTF Komodo





โ€“ Komodo Consulting. , , . , . , . , , , ,





RINGZER0 TEAM ONLINE





RingZer0 Team Online CTF 200 , โ€” , SQL-, . , , RingZer0 Team. , RingZer0Gold, .









Hack This Site





Hack This Site โ€” c . , , , , , , JavaScript, , .. , .





W3CHALLS





W3Challs โ€” , , , , , . โ€” . .









GAME OF HACKS





Game of Hacks , . , .









WebGoat Project





: . . . , . WebGoat โ€” , , Apache Tomcat Java SDK.





SQLI LABS





sql-injections. 65 , ( WAF, mysqlrealescape_string). PHP/MySQL .









PicoCTF





.









Defend the Web





Defend the Web- , . 60+ . , . , . .





OVERTHEWIRE





OverTheWire . Bandit, .





PWNABLE.TW





Pwnable.tw- wargame , . , , , . โ€ฆ









Command Challenge





Bash









IO





netgarage.org, , , , VR . 3 : IO, IO64 IOarm, IO . IO SSH .





Google Gruyere





Python, Gruyere , , "" .





CTFTIME





CTFtime , , , CTF-, . , CTF- , .













:







Mutillidae





opensource- -. โ€” sqlmap, burp suite .. bWAPP โ€” . PHP/MySQL .









Damn Vulnerable Web Application





โ€” - . , - . PHP/MySQL .





bWAPP





- . 100 , OWASP. , must have. โ€” bee-box.





Metasploitable 2





Metasploitable 2 โ€” ยซยป Metasploit Nmap. ,





Metasploitable 3





Metasploitable3 , Metasploit. , , : , , , , CTF .





:







ThreatGEN: Red vs. Blue





An excellent game to dive into the world of Red and Blue TEAM, master the basic concepts, see how the attack goes. In general, it's fun :)





HACKNET





Hacknet is a fun hacking simulator with a computer terminal interface. Follow the directions of the late hacker, whose death, contrary to media coverage, was not accidental.













List from Indians





Well, for whom this is not enough - I propose to independently consider the laboratory ones that were politely provided by colleagues from India :)





As I dive further and study, this guide will be updated and interesting projects will be added.











More articles:


All Articles