Open Web Application Security Project Broken Web Applications Project (OWASPBWA)
It is a collection of web applications with vulnerable scripts. Made for VMware, this web application suite comes with a large number of common web vulnerabilities to practice against
Damn Vulnerable Linux (DVL):
DVL is a Linux distro, which should have all the security issues, which a good Linux distro shouldn’t have. It consists of broken software and outdated scripts, so that the users could utilize the maximum out of it, and exploit it.
OWASP WebGoat is a J2EE based web application, containing numerous web application security vulnerabilities. The user may complete each of the level based on his knowledge of web application security, plus he could make a custom level for WebGoat too.
Some of the more vulnerable targets include
- Virtual Hacking Lab
- BodgeIt Store
- Hackademic Challenges
- OWASP Vicnum Project
- Stanford Securibench