Training

GRFICS is a Unity 3D-based framework that provides a virtual industrial control system environment for practicing ICS security attacks and defenses with visual feedback.

OWASP WrongSecrets is an educational game that teaches proper secrets management by demonstrating common mistakes through interactive challenges across various deployment platforms.

HTB Academy offers guided cybersecurity training with industry certifications to help you become a market-ready professional.

Mellivora Mellivora is a PHP-based CTF engine that provides comprehensive competition hosting capabilities with challenge management, team scoring, and administrative tools for cybersecurity competitions.

XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.

SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.

An educational project that teaches data analysis techniques for cybersecurity applications using Python tools like IPython, Pandas, and Scikit Learn through practical exercises and realistic scenarios.

An open-source introductory book about cryptography that provides educational content on fundamental cryptographic concepts and principles.

A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.

A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.

FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.

Educational repository containing RPISEC's course materials for teaching modern binary exploitation, vulnerability research, and reverse engineering at Rensselaer Polytechnic Institute.

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.

CloudGoat is a vulnerable-by-design AWS deployment tool that creates intentionally insecure cloud environments for hands-on cybersecurity training through capture-the-flag scenarios.

INE Security offers a range of cybersecurity certifications, including penetration testing, mobile and web application security, and incident response.

AzureGoat is a deliberately vulnerable Azure cloud infrastructure that incorporates OWASP Top 10 vulnerabilities and Azure service misconfigurations for security training and penetration testing practice.

Free and open-source cybersecurity training classes with multi-class learning paths for high-skill, high-pay job skills.

Hack Night is a thirteen-week educational program by NYU Tandon's OSIRIS Lab that provides an accelerated introduction to offensive security concepts, techniques, and practical applications.

Root the Box is a real-time CTF scoring engine that provides a configurable platform for cybersecurity training through gamified wargames and competitions.

A training program that teaches security professionals how to conduct penetration testing and attack simulations against AWS and Azure cloud infrastructure.

Online hacking game with realistic hacking experience and player interaction.

ENISA Training Resources offers online training material for cybersecurity specialists, covering technical and artefact analysis fundamentals.

Live and on-demand cybersecurity training programs for all levels.

A deliberately vulnerable GraphQL application designed for security testing and educational purposes, containing multiple intentional flaws for learning GraphQL attack and defense techniques.