machine
OWASP Juice Shop Is a modern vulnerable web application written in Node.js, Express, and Angular which showcases the entire OWASP Top Ten along with many other real-world application security flaws.
Metasploitable 2 Is a purposefully vulnerable Ubuntu Linux VM that can be used to practice enumeration, automated, and manual exploitation.
Metasploitable 3 Is a template for building a vulnerable Windows VM configured with a wide range of vulnerabilities.
DVWA This is a vulnerable PHP/MySQL web application showcasing many common web application vulnerabilities with varying degrees of difficulty.
VAPI vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises.
https://overthewire.org/wargames/ The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. Linux
https://underthewire.tech/wargames The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games. Windows

Pro Lab has a specific scenario and level of difficulty:

Lab Scenario
Dante Beginner-friendly to learn common pentesting techniques and methodologies, common pentesting tools, and common vulnerabilities.
Offshore Active Directory lab that simulates a real-world corporate network.
Cybernetics Simulates a fully-upgraded and up-to-date Active Directory network environment, which is hardened against attacks. It is aimed at experienced penetration testers and Red Teamers.
RastaLabs Red Team simulation environment, featuring a combination of attacking misconfigurations and simulated users.
APTLabs This lab simulates a targeted attack by an external threat agent against an MSP (Managed Service Provider) and is the most advanced Pro Lab offered at this time.
Last update: 2024-06-06
Created: June 6, 2024 18:58:11