- A repository for learning various heap exploitation techniques.
- Course materials for Modern Binary Exploitation by RPISEC.
Reverse Engineering Malware 101
- A fantastic 101 on malware by the one and only Malware Unicorn.
- A really ingenious and easy way to deploy multiple VM's and quickly spin up/down different testing labs.
Penetration Testing Practice Lab - VULNERABLE APPS / SYSTEMS
- A holy cow source for tons of vuln vms and a fantastic network map for those that want to deploy it all.
- Dynamically create vulnerable virtual machines with random security issues.
Damn Insecure and Vulnerable App: DIVA Android
- Vulnerable Android web app and training material.
- A deliberately vulnerable web application written in under 100 lines of code, created for educational purposes. It supports majority of (most popular) web application vulnerabilities together with appropriate attacks.
- A collection of vulnerable Arm binaries.
- Site that walks one through different web testing techniques.
Metasploit Vulnerability Emulator
Buscador Investigative Operating System
- Linux VM pre-configured for online investigators. Developed by David Westcott and Michael Bazzel.
- An article and powershell script describing how to set up a windows based Malware analysis VM.
- A Docker container with tools for binary reverse engineering and exploitation. It's primarily geared towards Capture The Flag competitions.
- Ready-to-play Qemu images for under-rated architectures (ARM, MIPS, PowerPC, SPARC, AARCH64) to play with, with all the tools builtin to understand memory corruption on non x86 environments.
- Security Operations and Forensics Elasticsearch, Logstash, Kibana.
Set up your own malware analysis lab with VirtualBox, INetSim and Burp
- A huge resource of CTF's that have taken place in the past. Organized nicely and easy to play.
- IE8 through MS Edge.