SecGen creates vulnerable virtual machines, lab environments, and hacking challenges using Vagrant, Puppet, and Ruby to facilitate learning security penetration testing techniques. It offers randomly vulnerable VMs for educational purposes or hosting CTF events. The latest version can be found at: http://github.com/cliffe/SecGen/. For a hosted solution, visit: https://hacktivity.leedsbeckett.ac.uk/. Computer security students and enthusiasts benefit from engaging in hacking challenges, making practical lab work and pre-configured hacking challenges essential in security education and as a pastime. Competitive hacking challenges like capture the flag (CTF) competitions are popular at industry conferences and online communities. VMs are effective for sharing hacking targets and testing attacker skills, with platforms like Vulnhub hosting pre-configured challenges.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A comprehensive server cryptographic protocol analyzer with API and CLI interface.
Mellivora Mellivora is a PHP-based CTF engine with a wide range of features for managing Capture The Flag competitions.
A library for validating and accessing environment variables in Node.js programs
A tool for SSH server auditing with comprehensive analysis capabilities.
Node package for preparing CTF events with OWASP Juice Shop challenges for popular CTF frameworks.
A lightweight CTF platform inspired by motherfuckingwebsite.com with a focus on challenge difficulty.
A collection of writeups of CTF challenges I solved, including explanations of the challenges and how I solved them.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.