- picoCTF
- OverTheWire
- UnderTheWire
- Hack This Site
- Microcorruption
- Smash The Stack
- https://defendtheweb.net/?hackthis (an interactive Cyber security platform)<== registration required. many articles and a playground with challenges
- https://www.root-me.org/?lang=en (free and paid accounts)
- Sans Holiday Hack Challenges
- https://ringzer0ctf.com/challenges/
- HackTheBox has a free membership level.
- http://www.gameofhacks.com/game
- http://www.try2hack.nl/ warned away by Google safe surfing. Site seems to be up, though and has challenges
- https://www.hellboundhackers.org/ <== this is a forum as well as hosting "simulated security challenges"
- https://www.tracelabs.org/getinvolved/ctf/ == finding missing people thru OS INT
- http://elseheartbreak.com/ is a hacking challenge of a game in which you win by hacking into the computers in-universe.
- https://store.steampowered.com/app/469920/hackmud/
- https://tomorrowcorporation.com/humanresourcemachine is a coding game that simulates coding in Assembly
- http://notpron.org/notpron/ Series of web page puzzles
List: https://blog.infosec.business/hands-on-learning-resources-cybersecurity/
-
https://blog.webernetz.net/wireshark-layer-2-3-pcap-analysis-w-challenges-ccnp-switch/
-
https://www.malware-traffic-analysis.net/2019/12/03/index.html
-
FROM DFIR (https://www.dfir.training/resources/downloads/ctf-forensic-test-images)
- http://ae27ff.meme.tips/about.php
- https://www.ashemery.com/dfir.html
- https://www.binary-zone.com/2015/09/16/digital-forensic-challenge-4/ (instructions unclear but site seems up)
- https://attackdefense.com/
- https://github.com/ctfs/write-ups-2017/tree/master/bsidessf-ctf-2017/forensics/ximage-300
- https://github.com/cyphernix/challenges
- https://betweentwodfirns.blogspot.com/2016/06/forensic-ctf-bobs-chili-burgers-website.html
- https://azeria-labs.com/part-3-stack-overflow-challenges/
- https://0xrick.github.io/binary-exploitation/bof5/
- https://www.xoru.net/bas-groothedde/article/picoctf-2018-writeup-shellcode-extended.html
- https://github.com/VulnHub/ctf-writeups/blob/master/2015/ringzer0/shellcoding.md
- https://medium.com/syscall59/solving-malwaretech-shellcode-challenges-with-some-radare2-magic-b91c85babe4b
- https://samsclass.info/127/proj/p3-lbuf1.htm
- http://security.cs.pub.ro/hexcellents/wiki/kb/exploiting/shellcode-walkthrough
- http://www.pythonchallenge.com/
- https://projecteuler.net/
- https://www.reddit.com/r/dailyprogrammer/
- https://alexnisnevich.github.io/untrusted/ (Javascript)
- https://www2.owasp.org/www-project-juice-shop/
- WebGoat
- NetGoat
- https://github.com/stripe-ctf/stripe-ctf-2.0 <-- Source Code for a Series of web challenges used in a CTF in 2012
- http://google-gruyere.appspot.com/
- https://github.com/webpwnized/mutillidae mutillidae is an open source PHP Application made deliberately vulnerable.
- https://portswigger.net/web-security
- https://community.securityinnovation.com/access-the-cyber-range/ has a three day three trial for one of their cyber -ranges which is a social media site with lots of vulnerabilities. It scores you as you uncover each vulnerability.
- https://crackmes.one/
- https://wiki.bytecode.club/CrackMes
- https://challenges.re/
- http://www.flare-on.com/ (fire-eye)
- reversing.kr (registration required)
- Copied from https://reverseengineering.stackexchange.com/questions/15774/crack-me-material and validated to make sure links were still alive
-
https://github.com/fdivrp/awesome-reversing/ (this is a very complete list of resources)
-
https://github.com/michalmalik/linux-re-101 (this is a list of articles and tutorials)
-
https://tuts4you.com/download.php -- duplicate
-
http://jackson.thuraisamy.me/re-resources.html blog. Not actual challenges
-
https://github.com/RPISEC/MBE Course materials including reversing challenges
-
https://github.com/Maijin/Workshop2015/tree/master/IOLI-crackme (10 crackmes for windows, linux, PocketPC)
-
https://hackcenter.com/sign-in (hmmmm. not sure if this one is being updated?)
-
https://www.root-me.org/en/Challenges/Cracking/ is alive but need to register and login
-
https://www.wechall.net/active_sites (clearinghouse for listing challenge sites)
-
http://www.wechall.net/challs/ (clearinghouse)
-
https://challenges.re/ yes it is alive
-
https://github.com/s7ephen/CSAW_2009 Source code to the Reverse Engineering Challenges for the CSAW 2009 competition
-
https://github.com/isislab/Hack-Night/ large course that includes RE slides and challenges
-
http://pwnable.kr/ wargames starting with "Toddler's Bottle". registration required.
-
https://w3challs.com/ Registration Required. Cracking challenges plus other categories.
-
http://io.netgarage.org/ wargames basic, Special, Reversing, misc
-
http://www.reteam.org/challenges.html mostly D34D no challenges found
-
https://github.com/rshipp/awesome-malware-analysis Massive List of Malware analysis and security resources
-
http://crackmes.cf (mirror of crackmes.de and so mostly duplicates of crackmes.one)
-
https://0x00sec.org/t/challenge-collection-reverse-engineering-and-crackme/3027 Nice Collection
-
https://github.com/holbertonschool/dont_hate_the_hacker_hate_the_code (set of three crackmes that have a writeup
- https://cryptopals.com/
- http://overthewire.org/wargames/krypton/
- https://www.root-me.org/en/Challenges/Cryptanalysis/
- https://www.mysterytwisterc3.org/en/
- https://cryptohack.org/ <-- Very applicable to CTF Crypto Challenges.
- https://www.wired.com/2014/08/defcon-2014-badges-revealed/ Article about LostBoy, designer of DefCon's hackable badges
- enigmagroup.org (untested) Site is up. unclear if it is free or paid)
Pentest Academy
https://ctf365.com/ (limited access for one free user. unlimited access = $46.00 per month for one user)
https://www.hacking-lab.com/ 49 EUR for one year.
https://www.hackthebox.eu/individuals premium = 10 pounds per month
https://www.tryhackme.com = $10.00 per month