Hello again dear reader. In this post, my objective is to provide a collection of links (not exhaustive of course) that will provide you with different public open source resources to practice your hacking skills, most likely from the comfort of your home lab. Without further ado, here is the list:
- AWSGoat – A Damn Vulnerable AWS Infrastructure
- AzureGoat – A Damn Vulnerable Azure Infrastructure
- GCP Goat – like above, for GCP
- Damn Vulnerable DeFi
- The original Damn Vulnerable Web Application
- Damn Vulnerable Node.js API/Application
- Damn Vulnerable Hybrid Mobile App
- CI/CD Goat – a vulnerable CI/CD pipeline
- Damn Vulnerable GraphQL Application
- Damn Vulnerable Web Services
- VAmPI – A vulnerable Python API
- Damn Vulnerable Serverless Application
- Damn Vulnerable Thick Client Application
- Damn Vulnerable Java Application
- Damn Vulnerable IoT Device
- Damn Vulnerable Python Web Application
- Damn Vulnerable WordPress Site
- Damn Vulnerable NodeJS Web Application
- Damn Vulnerable Rails App
- Damn Vulnerable Grade Management App (RoR)
- Damn Vulnerable Functions-as-a-Service
- Damn Vulnerable iOS App
- Damn Vulnerable iOS App 2
- Damn Vulnerable Router Firmware
- Damn Vulnerable Cloud (AWS) Application
- Damn Vulnerable C# API
- Tiredful API
- Damn Vulnerable Application Scanner
Phew, that was a lot of “Damn”s. Hope you enjoy the links provided and that they will be helpful in your hacking journey (please, let’s not get hang up on the semantics of the word “hacker”). ‘Till next time!
Athanasios Kostopoulos 