Penetration Testing Practice Lab - Vulnerable Apps/Systems
The Penetration Testing Practice Lab provides a collection of URLs for vulnerable web applications, operating system installations, old software, and war games sites for practicing cybersecurity skills.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
PyBOF is a Python library that enables in-memory loading and execution of Beacon Object Files (BOFs) with support for argument passing and function targeting.
BeEF is a specialized penetration testing tool for exploiting web browser vulnerabilities to assess security.
A digital archive of the internet, allowing users to capture and browse archived web pages.
SharpShares efficiently enumerates and maps network shares and resolves names within a domain.
Advanced command and control tool for red teaming and adversary simulation with extensive features and evasion capabilities.
Tool for enumerating proxy configurations and generating CobaltStrike-compatible shellcode.
Explore the top million websites, ranked by referring subnets, and gain insights into online influence and popularity.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.