For newbies who don’t know where to start, we present a selection of sites where you can acquire and improve your hacking skills.
Approx. transl. The sites below are available in English only.
1.picoCTF
picoCTF is a cybersecurity research platform. On it, future ethical hackers can learn and compete in hacking skills.
2.OVERTHEWIRE
OverTheWire is suitable for everyone who wants to study the theory of information security and apply it in practice, regardless of their experience. Beginners should start with the Bandit level challenges as they are needed to further other challenges.
3.HACKING-LAB
Hacking-Labs provide CTF challenges for the European Cyber Security Challenge, but they also host regular competitions on their platform that anyone can participate in. Just register, set up a vpn and choose a task to your liking.
4.PWNABLE.KR
This site focuses on pwn-like CTF tasks, the essence of which is to find, read and send the flag files that are in each task. To access the contents of the files, you must use programming, reverse engineering, or vulnerability exploitation skills before you can submit a solution.
Problems are divided into 4 levels of difficulty: easy – for beginners, intermediate, difficult and hardcore, where tasks require non-standard approaches to solve.
5.IO
IO is a wargame from the creators of netgarage.org, a community where like-minded people share knowledge about security, artificial intelligence, VR and more. 3 versions of wargame were created: IO, IO64 and IOarm, of all IO is the most mature. Connect to IO via SSH and you can get to work.
6.SMASHTHESTACK
SmashTheStack consists of 7 different wargames: Amateria, Apfel (currently offline), Blackbox, Blowfish, CTF (currently offline), Logic, and Tux. Each wargame contains many tasks, ranging from standard vulnerabilities to reverse engineering tasks.
7.MICROCORRUPTION
Microcorruption is a CTF in which you have to reverse engineer Lockitall’s fictional electronic locking devices. Lockitall devices protect bonds held in warehouses owned by the fictional company Cy Yombinator. On the road to stealing bonds, you will learn assembly language, learn how to use the debugger, step through code, set breakpoints, and examine memory.
8.REVERSING.KR
Here you can find 26 challenges to test your hacking and reverse engineering skills . The site has not been updated since late 2014, but the tasks in hand are still valuable learning resources.
9.HACK THIS SITE
Hack This Site is a free wargame site to test and improve your hacking skills. We have a lot of hacking tasks in it in several categories, including basic tasks, realistic tasks, applications, programming, phreaking , JavaScript, forensics , steganography , etc. The site also boasts an active community with a large directory of hacker articles and a forum for discussing security-related issues. It was recently announced that the site’s codebase will be overhauled, so big improvements can be expected in the coming months.
10.W3CHALLS
W3Challs is a multi – tasking learning platform in a variety of categories, including hacking, wargaming, forensics, cryptography, steganography, and programming. The goal of the platform is to provide realistic challenges. Depending on the complexity of the problem solved, you get points. There is also a forum where you can discuss and solve problems with other members.
11.Hacker101 CTF
Hacker101 CTF is a Capture The Flag game, a classic challenge for hackers to gain access to a system and then find a flag (which is usually a string). There are several levels on the site, and there are hints for those who are stuck.
12.EXPLOIT EXERCISES
Exploit Exercises offers a variety of virtual machines, documentation, and tasks that will come in handy in learning privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and more.
13.RINGZER0 TEAM ONLINE CTF
RingZer0 Team Online CTF offers over 200 challenges that will test your hacking skills in multiple areas – from cryptography, malware analysis to SQL injection , shellcoding and more. After you have found a solution to the problem, you can send it to RingZer0 Team. If your decision is made, you will receive RingZer0Gold, which can be exchanged for hints while solving problems.
14.HELLBOUND HACKERS
On Hellbound Hackers you can find traditional tasks with exploits and such task formats that are not available on other resources. For example, application patching and time-limited tasks. In patching tasks, you are given a vulnerable piece of code and you need to propose a fix for this vulnerability.
15.HACKINGLOOPS
HACKINGLOOPS is a site where you can find many tutorials on various types of hacking, from mobile phones to websites. Also on the site there is an opportunity to pass tests to prepare for Security + certifications.
16.HACK.ME
Hack.me is a large collection of vulnerable web applications for putting your hacking skills into practice. All applications are provided by the community and each can be run on the fly in a secure, sandboxed sandbox.
17.HACKTHIS!!
HackThis !! consists of 50+ tasks of different levels, for solving each of which you get a certain number of points depending on the difficulty level. Similar to Hack This Site, HackThis !! There is also a lively community, numerous articles and news about hacking, and a forum where you can discuss security-related tasks and issues.
18.ENIGMA GROUP
Enigma Group contains over 300 tasks with a focus on the top 10 OWASP exploits. The site has nearly 48,000 active members and hosts weekly CTF contests as well as weekly and monthly contests.
19.GOOGLE GRUYERE
Google Gruyere shows you how to exploit vulnerabilities in web applications and how to protect against them. You can do real penetration testing and actually hack a real application using attacks like XSS and XSRF .
20.GAME OF HACKS
Game of Hacks shows you a set of code snippets in a quiz with multiple choices, and you must identify the correct vulnerability in the code. This site stands out a bit from this list, but nevertheless it’s a good game to spot vulnerabilities in your code.
21.ROOT ME
Root Me is a hacking site that offers over 200 challenges and over 50 virtual environments allowing you to practice your hacking skills in a variety of scenarios. This is definitely one of the best sites on this list.
22.CTFTIME
While CTFtime is not a hacking site like the others on this list, it is a great resource to stay up to date with CTF competitions happening around the world. Therefore, if you are interested in joining a CTF team or participating in a competition, you should take a look here.
23.PENTESTERLAB
PentesterLab is an easy and convenient way to learn pentesting . The site provides vulnerable systems that can be used to test and study vulnerabilities. In practice, you can work with real vulnerabilities both online and offline. However, online access is only open to those who have a PentesterLab Pro subscription, which costs $ 19.99 per month or $ 199.99 per year.
