Difference between revisions of "Pentest"

From OnnoWiki
Jump to navigation Jump to search
Line 19: Line 19:
 
* http://www.felipemartins.info/2013/08/pentest-lab-making-a-vulnerable-windows-xp/4/
 
* http://www.felipemartins.info/2013/08/pentest-lab-making-a-vulnerable-windows-xp/4/
 
* http://damnvulnerableiosapp.com
 
* http://damnvulnerableiosapp.com
 
+
* BadStore http://www.badstore.net/
 
+
* BodgeIt Store http://code.google.com/p/bodgeit/
 +
* Butterfly Security Project http://thebutterflytmp.sourceforge.net/
 +
* bWAPP http://www.mmeit.be/bwapp/
 +
* http://sourceforge.net/projects/bwapp/files/bee-box/
 +
* Commix https://github.com/stasinopoulos/commix-testbed
 +
* CryptOMG https://github.com/SpiderLabs/CryptOMG
 +
* Damn Vulnerable Node Application (DVNA) https://github.com/quantumfoam/DVNA/
 +
* Damn Vulnerable Web App (DVWA) http://www.dvwa.co.uk/
 +
* Damn Vulnerable Web Services (DVWS) http://dvws.professionallyevil.com/
 +
* Drunk Admin Web Hacking Challenge https://bechtsoudis.com/work-stuff/challenges/drunk-admin-web-hacking-challenge/
 +
* Exploit KB Vulnerable Web App http://exploit.co.il/projects/vuln-web-app/
 +
* Foundstone Hackme Bank http://www.mcafee.com/us/downloads/free-tools/hacme-bank.aspx
 +
* Foundstone Hackme Books http://www.mcafee.com/us/downloads/free-tools/hacmebooks.aspx
 +
* Foundstone Hackme Casino http://www.mcafee.com/us/downloads/free-tools/hacme-casino.aspx
 +
* Foundstone Hackme Shipping http://www.mcafee.com/us/downloads/free-tools/hacmeshipping.aspx
 +
* Foundstone Hackme Travel http://www.mcafee.com/us/downloads/free-tools/hacmetravel.aspx
 +
* GameOver http://sourceforge.net/projects/null-gameover/
 +
* hackxor http://hackxor.sourceforge.net/cgi-bin/index.pl
 +
* Hackazon https://github.com/rapid7/hackazon
 +
* LAMPSecurity http://sourceforge.net/projects/lampsecurity/
 +
* Moth http://www.bonsai-sec.com/en/research/moth.php
 +
* NOWASP / Mutillidae 2 http://sourceforge.net/projects/mutillidae/
 +
* OWASP BWA http://code.google.com/p/owaspbwa/
 +
* OWASP Hackademic http://hackademic1.teilar.gr/
 +
* OWASP SiteGenerator https://www.owasp.org/index.php/Owasp_SiteGenerator
 +
* OWASP Bricks http://sourceforge.net/projects/owaspbricks/
 +
* OWASP Security Shepherd https://www.owasp.org/index.php/OWASP_Security_Shepherd
 +
* PentesterLab https://pentesterlab.com/
 +
* PHDays iBank CTF http://blog.phdays.com/2012/05/once-again-about-remote-banking.html
 +
* SecuriBench http://suif.stanford.edu/~livshits/securibench/
 +
* SentinelTestbed https://github.com/dobin/SentinelTestbed
 +
* SocketToMe http://digi.ninja/projects/sockettome.php
 +
* sqli-labs https://github.com/Audi-1/sqli-labs
 +
* MCIR (Magical Code Injection Rainbow) https://github.com/SpiderLabs/MCIR
 +
* sqlilabs https://github.com/himadriganguly/sqlilabs
 +
* VulnApp http://www.nth-dimension.org.uk/blog.php?id=88
 +
* PuzzleMall http://code.google.com/p/puzzlemall/
 +
* WackoPicko https://github.com/adamdoupe/WackoPicko
 +
* WAED http://www.waed.info
 +
* WebGoat.NET https://github.com/jerryhoff/WebGoat.NET/
 +
* WebSecurity Dojo http://www.mavensecurity.com/web_security_dojo/
 +
* XVWA https://github.com/s4n7h0/xvwa
 +
* Zap WAVE http://code.google.com/p/zaproxy/downloads/detail?name=zap-wave-0.1.zip
  
 
===Setup Pentest Lab===
 
===Setup Pentest Lab===

Revision as of 10:25, 14 February 2017

Referensi

Vulnerable Apps

Setup Pentest Lab

Metasploit


Capture The Flag

VoIP


Attack pWnOS


Password Attack

Wordlist