Offense is the best defense, and the same applies to the world of information security. Here are 19 legitimate sites to practice your hacking skills, whether you’re a developer, a security engineer, a code auditor, or an penetration tester, with practice to become a good security researcher.

foreign

BWAPP is a free and open source Web application security project. It helps security enthusiasts and researchers find and prevent Web vulnerabilities.

Address: itsecgames

2. Damn Vulnerable iOS App (DVIA)

DVIA is an iOS secure app. Its main goal is to provide a legitimate platform for mobile security enthusiasts to learn iOS penetration testing techniques. The APP covers all common iOS security vulnerabilities. It is free and open source, with vulnerability tests and solutions covered in iOS 10.

DVIA (Damn Vulnerable iOS App) – A Vulnerable iOS App for pentesting

3. Damn Vulnerable Web Application (DVWA)

PHP – and mysql-based virtual Web applications, “built-in” common Web vulnerabilities, such as SQL injection, XSS, etc., can be built on their own computers

Address: Damn Vulnerable Web Application

4. Game of Hacks is a game-based test of your security skills, with a large amount of code for each task, which may or may not have security vulnerabilities!

Address: Game of Hacks

5. Google Gruyere – a low-looking but buggy web site designed to help people just starting to learn about application security.

Address: google-gruyere.appspot.com/

6, HackThis!!!!! Designed to teach you how to hack, dump and alter, as well as protect your website hacker tips, offers more than 50 different difficulty levels.

Address: www.hackthis.co.uk/

Hack This Site is a legal and secure Site to test your hacking skills, and contains hacker information, articles, forums and tutorials designed to help you learn hacking skills.

Hack This Site

Hellbound Hackers offers a variety of security practices and challenges designed to teach you how to spot attacks and patch your code. Topics include application encryption and cracking, social work, and rooting. With nearly 100,000 registered members, it is one of the largest hacker communities.

Address: Welcome to Hellbound Hackers

McAfee HacMe Sites provides a variety of hacker and security testing tools

Address: Free Tools | McAfee Downloads

10. Mutillidae mutillidaemutillidae is a free, open source Web application, providing specially permitted security test and intrusion. It includes a wealth of penetration testing items such as SQL injection, cross-site scripting, ClickJacking, local file inclusion, remote code execution, and more.

Address: OWASP Mutillidae II

OverTheWire is a game-based hacker site that lets you learn security techniques and concepts

Address: OverTheWire: Wargames

Peruggia is a hacker site that provides secure, legal attacks

Address: the chief

Root Me improves your hacking skills and network security knowledge with over 200 hacker challenges and 50 virtual environments

Apprentissage dediee au Hacking et a la Securite de l ‘information](link.zhihu.com/?target=htt…)

Try2Hack is one of the oldest hacker sites offering a variety of security challenges.

Address ::[www.try2hack.nl]::

15. One of Vicnum OWASP projects, a simple framework for different needs, and based on the way of games to guide security developers to learn security technology.

Welcome to Vicnum

WebGoat’s most popular project, OWASP, provides a real life security teaching environment to guide users in designing complex application security issues

Address: webappsecmovies.sourceforge.net/webgoat/

domestic

1, Spring and Autumn

It is a good online learning platform for safety knowledge in China, which reproduces complex operating system, tools and network environment completely on the web page, providing learners with an experimental platform that is completely close to the actual environment.

Address: network security training | information security training | hack-proof technologies – I preferred the spring and autumn

2. XCTF_OJ Practice platform

Xctf-oj (X Capture The Flag Online Judge) is a network security technology competition training platform developed by The XCTF organizing committee for PARTICIPANTS of The XCTF Tournament. Xctf-oj platform will collect the real question bank of CTF network security competition at home and abroad, and support the reproduction and recovery of some available online question interactive environment. Xctf-oj will also collect the offline file and online interactive environment of the question after the competition of XCTF League. To form the only site resource in the global CTF community that provides the practice environment for the repetition of the test questions.

Address: XCTF_OJ competition platform

Network information security attack and defense learning platform

Provide basic knowledge examination, vulnerability practice, tutorials and other materials. The actual combat exercises are based on Web topics, including basic level, script level, injection level, upload level, decryption level, comprehensive level, etc.

Address: the network security laboratory | network information security defense learning platform


Public id: Python big shots

Stay tuned for more information and Python technical updates daily!