Lista de «Malditas aplicaciones vulnerables» para jugar con el Pentesting.

Esta lista es una compilación de los diversos tipos de aplicaciones que intencionalmente inseguras y conocidas popularmente como «Malditas Aplicaciones Vulnerables». Estas aplicaciones están hechas para ayudar a los estudiantes de seguridad a aprender y mejorar sus habilidades en el campo de la seguridad de la información y el pentesting web, mobile, etc.

Los proyectos y el crédito completo es de los creadores de estos increíbles proyectos.

Web Applications

• PHP: https://github.com/ethicalhack3r/DVWA
• PHP – OWASP Mutillidae II – https://www.owasp.org/index.php/OWASP_Mutillidae_2_Project
• PHP – bWAP: http://www.itsecgames.com/ 
• Word Press : https://github.com/vianasw/dvwps
• Node JS : https://github.com/appsecco/dvna
• NodeJS – OWASP NodeJS Goat Project: https://www.owasp.org/index.php/OWASP_Node_js_Goat_Project
• XVNA (eXtreme Vulnerable NodeJS Application): https://github.com/vegabird/xvna
• Web Sockets : https://hub.docker.com/r/tssoffsec/dvws/
• Python : https://github.com/anxolerd/dvpwa

Web Service Applications

• Web Service : https://github.com/snoopysecurity/dvws
• API : https://github.com/payatu/Tiredful-API/

Source Code

• Source Code : https://github.com/h4x0r101/Damn-Vulnerable-Source-Code

Thick Client

• Thick Client Application : https://github.com/secvulture/dvta
• Java EE : https://github.com/appsecco/dvja

Mobile Application

• iOS Swift : https://github.com/prateek147/DVIA-v2
• iOS: https://github.com/prateek147/DVIA
• Android : https://github.com/payatu/diva-android
• Hybrid Mobile Application : https://github.com/logicalhacking/DVHMA

Crypto & Block Chain

• Crypto Wallet : https://gitlab.com/badbounty/dvcw
• Wallet : https://github.com/genecyber/Damn-Vulnerable-Wallet-App
• Block Chain : https://github.com/subashsn/dvba

OS Related

• Linux : https://www.vulnhub.com/series/damn-vulnerable-linux-dvl,1/
• Windows : https://sourceforge.net/projects/dawn-vulnerability-windows/
• Device Driver : https://github.com/pwk4m1/Damn_Vulnerable_Device_Driver

Cloud Infrastructure

• Cloud Application : https://github.com/m6a-UdS/dvca
• Cloud App (AWS) : https://github.com/RhinoSecurityLabs/cloudgoat
• Function-as-a-service (AWS Lambda) : https://github.com/we45/DVFaaS-Damn-Vulnerable-Functions-as-a-Service
• Serverless Application : https://github.com/OWASP/DVSA

IoT and Hardware

• IoT : https://github.com/Vulcainreo/DVID
• Router : https://github.com/praetorian-code/DVRF
• Safe : https://insinuator.net/2016/01/damn-vulnerable-safe/
• SCADA : https://www.slideshare.net/phdays/damn-vulnerable-chemical-process
• PI : https://whitedome.com.au/re4son/sticky-fingers-dv-pi/
• SS7 Network: https://www.blackhat.com/asia-17/arsenal.html#damn-vulnerable-ss7-network
• VoIP : https://www.vulnhub.com/entry/hacklab-vulnvoip,40/

Fuente: H4x0r101

Compartir