Training

AzureGoat is a deliberately vulnerable Azure cloud infrastructure that incorporates OWASP Top 10 vulnerabilities and Azure service misconfigurations for security training and penetration testing practice.

Free and open-source cybersecurity training classes with multi-class learning paths for high-skill, high-pay job skills.

Hack Night is a thirteen-week educational program by NYU Tandon's OSIRIS Lab that provides an accelerated introduction to offensive security concepts, techniques, and practical applications.

Root the Box is a real-time CTF scoring engine that provides a configurable platform for cybersecurity training through gamified wargames and competitions.

A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.

Online hacking game with realistic hacking experience and player interaction.

ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.

Live and on-demand cybersecurity training programs for all levels.

A deliberately vulnerable GraphQL application designed for security testing and educational purposes, containing multiple intentional flaws for learning GraphQL attack and defense techniques.

FARA is a repository of purposefully erroneous Yara rules for training security analysts.

Leading provider of free cybersecurity training resources

A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.

A non-profit organization focused on improving the security of software through resources and training.

An educational codelab that demonstrates web application vulnerabilities including XSS, XSRF, and code execution attacks along with their corresponding defensive measures.

An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.

DVXTE is a Docker-based training platform containing multiple vulnerable applications designed for cybersecurity education and skill development.

SANS Institute provides cyber security training, certifications, and degrees to empower cyber security practitioners and teams.

OWASP Hackademic Challenges is an educational web platform offering 10 realistic vulnerability scenarios for learning information security concepts through hands-on exploitation in a controlled environment.

MemLabs provides CTF-styled memory forensics challenges designed to teach students and security researchers how to analyze memory dumps using tools like Volatility.

A community-maintained glossary that defines and explains cybersecurity acronyms and terminology to help users understand security concepts beyond buzzwords.

InsecureBankv2 is an intentionally vulnerable Android application with a Python back-end server designed for educational purposes in mobile security testing and Android vulnerability research.

Cybrary is an online learning platform that provides accessible and affordable training in cybersecurity skills.

DVHMA is an intentionally vulnerable Android hybrid mobile app built with Apache Cordova for security testing and educational purposes.