공부하시는 학생들에게 좋은 자료가 될 것 같습니다.
May 10th, 2011
It’s very difficult for the beginner security analyst, mainly the ones interested in the area of pentesting, to find good study pentesting resources. Starting from the principle that in pentesting there are many other sub areas of study, it becomes more and more difficult to choose and then find a proper pentesting study application.
As the beginner knows nearly nothing it became very difficult to prepare a Home Pentesting Lab for study, once that beginners has to know something about coding a vulnerable application fisrt, then exploit them.
Thinking about that i’ve decided to gather a list, the most complete I could, with all vulnerable pentesting tools I could find. They are categorized based on the type of application like Web Pentesting, War Games and Insecure Distributions. Due to the amount of tools I won’t be doing any previews because it would delay this post a lot and make it a little boring to read. I’m gonna review every tool with complete labs later on in future posts.
As I don’t know every pentesting tool in the planet, feel free to contact me if you remember any application, in fact I would much appreciate it. And I apologize if I miscategorized some of them, feel free to tell me when I’ve done that so i can correct that.
Note that this post intends to show only vulnerable applications used to be exploited, not the tools used to exploit them.
Web Pentesting
War Games
Application Name | Company / Developer | URL |
Hell Bound Hackers | Hell Bound Hackers | http://hellboundhackers.org/ |
Vulnerability Assessment | Kevin Orrey | http://www.vulnerabilityassessment.co.uk/ |
Smash the Stack | Smash the Stack | http://www.smashthestack.org/ |
Over the Wire | Over the Wire | http://www.overthewire.org/wargames/ |
Hack This Site | Hack This Site | http://www.hackthissite.org/ |
Hacking Lab | Hacking Lab | https://www.hacking-lab.com/ |
We Chall | We Chall | https://www.wechall.net/ |
REMnux | REMnux | http://zeltser.com/remnux/ |
Insecure Distributions
Application Name | Company / Developer | URL |
Damm Vulnerable Linux | DVL | http://www.damnvulnerablelinux.org/ |
Metasploitable | Offensive Security | http://blog.metasploit.com/2010/05/introducing-metasploitable.html |
de-ICE | Hacker Junkie | http://www.de-ice.net/ |
Moth | Bonsai Security Software | http://www.bonsai-sec.com/en/research/moth.php |
PwnOS | Niel Dickson | http://www.neildickson.com/os/ |
Holynix | Pynstrom | http://pynstrom.net/holynix.php |
Have fun !!!
[출처] http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/
'수술_도구 > 실험샘플(Dummy)' 카테고리의 다른 글
Damn Vulnerable Web App (DVWA) (0) | 2011.09.01 |
---|---|
OWASP Top 10 Tools and Tactics (0) | 2011.09.01 |