漏洞赏金和练习平台

技能练习

• DVWA - Damn Vulnerable Web Application

  • http://www.dvwa.co.uk/

• OWASP WebGoat - Learn the hack - Stop the attack

  • https://owasp.org/www-project-webgoat/

  • https://github.com/WebGoat/WebGoat/releases

• Root me

  • https://www.root-me.org/

• Hack The Box :: Penetration Testing Labs

  • https://www.hackthebox.eu/

• PentesterLab: Learn Web Penetration Testing: The Right Way

  • https://pentesterlab.com/

  • 要付费

• Pentester Academy: Learn Pentesting Online

  • https://www.pentesteracademy.com/

  • 要付费

漏洞赏金

• Directory: Report Vulnerabilities to Companies' Security Teams

  • https://hackerone.com/directory/programs

CTF

• testerting/hacker101-ctf: Hacker101 CTF Writeup

  • https://github.com/testerting/hacker101-ctf

  • Hacker101 CTF 的题解

• WebGoat 靶场题解 - Tr0y's Blog

  • https://www.tr0y.wang/2018/04/06/WebGoat/

  • WebGoat 题解，这个作者的博客也不错

• Webgoat学习笔记 - Alan.Li

  • https://wooyun.js.org/drops/Webgoat学习笔记.html