# 漏洞赏金和练习平台

## 技能练习

* DVWA - Damn Vulnerable Web Application 
  * <http://www.dvwa.co.uk/>

* OWASP WebGoat - Learn the hack - Stop the attack&#x20;
  * <https://owasp.org/www-project-webgoat/>
  * <https://github.com/WebGoat/WebGoat/releases>

* Root me
  * <https://www.root-me.org/>

* Hack The Box :: Penetration Testing Labs&#x20;
  * <https://www.hackthebox.eu/>

* PentesterLab: Learn Web Penetration Testing: The Right Way&#x20;
  * <https://pentesterlab.com/>
  * 要付费

* Pentester Academy: Learn Pentesting Online&#x20;
  * <https://www.pentesteracademy.com/>
  * 要付费

## 漏洞赏金

* Directory: Report Vulnerabilities to Companies' Security Teams&#x20;
  * <https://hackerone.com/directory/programs>

## CTF&#x20;

* testerting/hacker101-ctf: Hacker101 CTF Writeup&#x20;
  * <https://github.com/testerting/hacker101-ctf>
  * Hacker101 CTF 的题解
* WebGoat 靶场题解 - Tr0y's Blog&#x20;
  * <https://www.tr0y.wang/2018/04/06/WebGoat/>
  * WebGoat 题解，这个作者的博客也不错
* Webgoat学习笔记 - Alan.Li&#x20;
  * [https://wooyun.js.org/drops/Webgoat学习笔记.html](https://wooyun.js.org/drops/Webgoat%E5%AD%A6%E4%B9%A0%E7%AC%94%E8%AE%B0.html)