PHP
| 名称 | 备注 | 链接 |
|---|---|---|
| bWAPP | 综合 | https://sourceforge.net/projects/bwapp/files/bWAPP/ |
| DVWA | 综合 | https://dvwa.co.uk/ |
| mutillidae | owasp top10漏洞 | https://github.com/webpwnized/mutillidae |
| pikachu | 综合 | https://github.com/zhuifengshaonianhanlu/pikachu |
| PHP_Code_Challenge | 代码审计 | https://github.com/yaofeifly/PHP_Code_Challenge |
| php-unserialize-lib | 反序列化靶场 | https://github.com/N0puple/php-unserialize-lib |
| sqli-labs | SQL漏洞 | https://github.com/Audi-1/sqli-labs |
| upload-labs魔改 | 文件上传 | https://github.com/admin360bug/upload-labs |
| upload-labs | 文件上传 | https://github.com/c0ny1/upload-labs |
| xss-labs | XSS漏洞 | https://github.com/do0dl3/xss-labs |
| xxe-lab | XXE漏洞 | https://github.com/c0ny1/xxe-lab |
| ZVulDrill | 综合 | https://github.com/710leo/ZVulDrill |
JAVA
| 名称 | 备注 | 链接 |
|---|---|---|
| SecExample | https://github.com/tangxiaofeng7/SecExample | |
| WebBug | https://github.com/mysticbinary/WebBug | |
| WebGoat | https://github.com/WebGoat/WebGoat |
Ruby
| 名称 | 备注 | 链接 |
|---|---|---|
| SecGen | 生成虚拟靶机 | https://github.com/SecGen/SecGen |
Docker
推荐在ubuntu系统中一键安装
1 | yum install docker-ce |
| 名称 | 备注 | 链接 |
|---|---|---|
| log4j_vuln | Apache Log4j漏洞 | https://github.com/fengxuangit/log4j_vuln |
| vulhub | 综合,基于docker | https://vulhub.org/ https://github.com/vulhub/vulhub |
| Vulfocus | 综合,基于docker | https://github.com/fofapro/vulfocus http://vulfocus.io/ https://hub.docker.com/u/vulfocus |
内网
| 名称 | 备注 | 链接 |
|---|---|---|
| vulnstack | 红日安全红队靶场 | http://vulnstack.qiyuanxuetang.net/vuln/ |
| GOAD | https://github.com/Orange-Cyberdefense/GOAD | |
工控
| 名称 | 备注 | 链接 |
|---|---|---|
| 工联众测 | https://www.caiisec.org.cn/#/ | |