Practice

OSCP Like VMs:

Practice Arena:

Others https://backdoor.sdslabs.co/ http://smashthestack.org/wargames.html http://hackthecause.info/ http://bright-shadows.net/ http://www.mod-x.co.uk/main.php http://scanme.nmap.org/ http://www.hackertest.net/ http://net-force.nl/ http://securityoverride.org/ It teaches good concepts, but some things are not realistic (like stored strings identical to the input) http://www.wechall.net/sites.php (great list of challenges) http://ctf.forgottensec.com/wiki/ (Good Wiki about CTFs) http://repo.shell-storm.org/CTF/ (Great archive of CTFs) Specific CTFs related to web applications http://demo.testfire.net/ http://wocares.com/xsstester.php http://crackme.cenzic.com/ http://test.acunetix.com/ http://zero.webappsecurity.com/ Forensic Specific Challenges http://computer-forensics.sans.org/community/challenges http://computer-forensics.sans.org/community/challenges http://forensicscontest.com/ Recruiting https://www.praetorian.com/challenges/pwnable/ http://rtncyberjobs.com/ http://0x41414141.com/ Paid Training http://heorot.net/ Offline challenges for download http://www.badstore.net/ http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project http://www.owasp.org/index.php/Owasp_SiteGenerator Damn Vulnerable Web App Stanford SecureBench Micro http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10 Vulnerable Virtual Machines https://pentesterlab.com/exercises/ http://sourceforge.net/projects/metasploitable/files/Metasploitable2/ Damn Vulnerable Linux (Mirror)