Cybersecurity, Cyber, IT, news, computer, security, hacker, whitehat, blackhat, gray hat, education, penetration tester, information security, hacking, video, operating system, OS, google,googledork, VM, online safety, internet security research, article, ethical, elearning, security+, technology, google hacking, windows administrator, tools, free tools, networking resources, SMB,help, cyber-security

Pentesting- General     How-To's       Tools       Scripts    Practice Sites  Links      New Interesting Exploit Code

 Educational Resources

Link Description
Bricks OWASP Project - Bricks project is a downloadable resource that is a deliberately vulnerable site for you to hone your web app penetration skills.  Find various PHP, MySQL, and general misconfigurations to exploit, upload exploit code, and backdoors...
Bodgeit   The BodgeIt Store is a self-contained vulnerable web application which is currently aimed at people who are new to pen testing.  Download the code and run on a local host / VM.
bWAPP bWAPP, which stands for Buggy Web Application, is "a free and open source deliberately insecure downloadable web application that includes over 100 common issues from the OWASP Top 10.
DVL   Damn Vulnerable Linux Build is a poorly configured Linux host riddled with exploitability.  Designed to be run in a VM as a target for honing you Linux hacking skills.
DVWA This web security platform was built with both more experienced security professionals as well as developers and students in mind.
Exploit-Exercises   A variety of VM's designed to provide an opportunity to develop and homn Linux hacking skills.  There are multiple exercises in each VM that get increasingly more difficult.  There are multiple VM's designed to explore an increasingly more complex skillset.
Game of Hacks Game of Hacks is the gamification of application hacking. The site presents users with vulnerable pieces of code.  The goal is to find which vulnerability exists in that code as quickly as possible
Google Gruyere Google Gruyere is site vulnerable site is full of holes.  This teaching tool is designed for those just starting to learn application security.
HackYourselfFirst HackYourselfFirst is a site designed to provide 50 different exploits to find.  This site is part of a commercial training course but open for your use.
McAfee HacMe Sites McAfee HacMe Sites was launched in 2006 and provides a host of sample sites in different vertices for pen testers and security professionals looking to increase their InfoSec chops. Each simulated app offers a "real-world" experience, built with "real-world" vulnerabilities. From mobile bank apps to apps designed to take reservations, these projects cover a wide array of security issues to help any security-minded professional stay ahead of the hackers.  Site are near to bottom of the page...
Metasploitable 3   Metasploitable3 is a VM that is built from the ground up with a large number of security vulnerabilities
Pentester Lab This exercise explains how you can, from a SQL injection, gain access to the administration console, then in the administration console, how you can run commands on the system.