Training

A wargame composed of 27 levels, with files needed in /vortex/ directory.

NightShade is a Django-based capture the flag framework that enables organizations to create and manage cybersecurity competitions with support for multiple contest formats and multi-tenant architecture.

Infosec Resources provides extensive cybersecurity training and certifications to boost cybersecurity skills and careers.

A comprehensive collection of free online laboratories and platforms for practicing penetration testing, CTF challenges, and cybersecurity skills development.

A collection of hands-on workshops and educational content focused on AWS security services, techniques, and best practices through practical scenarios.

DetectionLab is a pre-configured Windows domain environment with security tooling and logging designed for cybersecurity training and detection capability development.

A deliberately vulnerable Java web application designed for educational purposes to teach web application security concepts and common vulnerabilities.

Haaukins is an automated virtualization platform that provides hands-on cybersecurity education through capture the flag exercises in controlled vulnerable environments.

GRFICS is a Unity 3D-based framework that provides a virtual industrial control system environment for practicing ICS security attacks and defenses with visual feedback.

OWASP WrongSecrets is an educational game that teaches proper secrets management by demonstrating common mistakes through interactive challenges across various deployment platforms.

HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.

Mellivora Mellivora is a PHP-based CTF engine that provides comprehensive competition hosting capabilities with challenge management, team scoring, and administrative tools for cybersecurity competitions.

XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.

SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.

An educational project that teaches data analysis techniques for cybersecurity applications using Python tools like IPython, Pandas, and Scikit Learn through practical exercises and realistic scenarios.

SANS Blog provides extensive cybersecurity training and certifications tailored to a wide range of IT security areas and skill levels.

An open-source introductory book about cryptography that provides educational content on fundamental cryptographic concepts and principles.

A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.

A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.

FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.

Educational repository containing RPISEC's course materials for teaching modern binary exploitation, vulnerability research, and reverse engineering at Rensselaer Polytechnic Institute.

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.

CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.

INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.