Link to this headingHacking Practice

https://imaginaryctf.org/

Introduction to topics:

• Intro to Security

Link to this headingBeginners Practice

• Development CTFs
• Beginners Quest from Google CTF
• A cybersecurity competition for high schoolers.
• Try Hackme Challenges

Link to this headingGeneral Security Knowledge

• HackTheBox Contains Web, Reversing, Mobile, OSINT, Hardware, Coding, Crypto, etc.
• Pwn College TODO
• RingZer0 Team Online CTF

Link to this headingCTFs

• Daily CTF Challenge Skip Wordle and do a real challenge
• 247ctf Crypto, Networking, Pwnable, reversible and web challenges
• https://github.com/ctfs
• List of CTFs
• Old repo of CTFs
• COBOL CTF

Link to this headingModern

• Plaid CTF
• Order of the Overflow
• Realworld CTF
• CSAW

Link to this headingBinary Exploitation

• Pwnable.tw
• OverTheWire Classic Wargames
• SmashTheStack
• The Exploit Series from VulnHub
• Pwnable.xyz

Link to this headingReverse Engineering/CrackMe Practice

• NetGarage.io
• ReverseMe CTF List List of CTF Reversing Challenges

Link to this headingARM

• Very vulnerable ARM application 14 level arm exploitation challenge

Link to this headingEmbedded

• MicroCorruption: Embedded Binary exploitation
• Riscure Hack Me embedded hardware CTF 2017-2018
• RHme+ 2016 challenge
• RHme+ 2015 challenge
• Deliberately insecure firmware based on OpenWrt

Link to this headingVulnerable VMs

• Pentesterlab
• Many CTF VMs

Link to this headingMetasploitable

• Metasploitable3 Linux and Windows
• Metasploit Vulnerability Emulator

Link to this headingAI

Link to this headingMPC

https://github.com/harishsg993010/damn-vulnerable-MCP-server

Link to this headingWeb Exploitation

• Web Security Academy
• HackerOne
• WebSec CTF
• Web Hacking Korean
• OWASP NodeGoat
• bWAPP

Link to this headingOATH

OAuth 2.0 Lab

Link to this headingExtensions

• https://github.com/infosecak/dvbe

Link to this headingAPI

• Insecure API

Link to this headingJava

• Java Deserialization

Link to this headingXSS

• XSS Game

Link to this headingJWT

• http://demo.sjoerdlangkemper.nl/jwtdemo/rs256.php
• http://demo.sjoerdlangkemper.nl/jwtdemo/hs256.php

Link to this headingCloud

• A deliberately vulnerable CI/CD environment.

Link to this headingAWS

• AWS (Amazon Web Services) security concepts 2
• AWS (Amazon Web Services) security concepts 1
• https://github.com/nccgroup/sadcloud

Link to this headingGoogle cloud

Link to this headingAzure

• https://github.com/Semperis/EntraGoat Vulnerable Microsoft Entra ID

Link to this headingOperating System Exploitation

• Root Me
• CTF 365

Link to this headingActive Directory

• GOAD is a pentest active directory LAB project

Link to this headingWindows

• The HackSys Extreme Vulnerable Driver (HEVD) is a Windows Kernel driver that is intentionally vulnerable. It has been developed for security researchers and enthusiasts to improve their skills in kernel-level exploitation.

Link to this headingCryptography Practice

• Beginner to Actual Challenges
• The Matasano Crypto Challenges
• MysteryTwister C3

Link to this headingCrypto-Currency CTFs

• Damn Vulnerable DeFi is the wargame to learn offensive security of DeFi smart contracts in Ethereum.

Link to this headingEthereum Challenges

• Web3/Solidity based wargame

Link to this headingMobile

• DIVA Android - Damn Insecure and vulnerable App for Android
• Damn Vulnerable iOS App (DVIA)
• https://github.com/OWASP/MSTG-Hacking-Playground

Link to this headingAndroid

Tools:

• https://github.com/MobSF/Mobile-Security-Framework-MobSF
• https://github.com/xtiankisutsa/MARA_Framework
• https://github.com/linkedin/qark/
• https://github.com/abhi-r3v0/Adhrit
• https://github.com/chaitin/passionfruit
• https://github.com/ac-pm/Inspeckage
• https://github.com/nightwatchcybersecurity/truegaze

Training:

• https://github.com/oversecured/ovaa

Info:

• https://github.com/vaib25vicky/awesome-mobile-security
• https://bitbucket.org/secure-it-i/android-app-vulnerability-benchmarks/src/master/

Link to this headingWireless

RFHS RF CTF

Link to this headingBluetooth

• A Bluetooth low energy capture the flag
• Advanced: Bluetooth low energy capture the flag

Link to this headingWIFI