List of Online and Live vulnerable web applications available for practicing [Penetration and Security Testing] -
- Acunetix:
- http://testasp.vulnweb.com (Forum - ASP)
- http://testaspnet.vulnweb.com (Blog - .NET)
- http://testphp.vulnweb.com (Art Shopping - PHP)
- Cenzic CrackMeBank: http://crackme.cenzic.com
- Google Gruyere (Python): http://google-gruyere.appspot.com/start
- Hacking-Lab (eg. OWASP Top 10): https://www.hacking-lab.com/events/registerform.html?eventid=245
- Hack.me (beta): https://hack.me
- HackThisSite (HTS - Basic & Realistic Web Security Testing Missions): http://www.hackthissite.org
- Hackxor online demo: http://hackxor.sourceforge.net/cgi-bin/index.pl#demo (algo/smurf)
- HP/SpiDynamics Free Bank Application Online: http://zero.webappsecurity.com (admin/admin)
- IBM/Watchfire AltoroMutual: http://demo.testfire.net (jsmith/Demo1234)
- NTOSpider Web Scanner Test Site: http://www.webscantest.com (testuser/testpass)
- OWASP Hackademic Challenges Project - Live (PHP - Joomla): http://hackademic1.teilar.gr
If you required any more information and help about any application please mail @ This email address is being protected from spambots. You need JavaScript enabled to view it.
CORE Impact Professional is the most comprehensive software solution for assessing and testing security vulnerabilities throughout your organization.
IBM Rational AppScan Enterprise is a scalable solution to help resolve application security vulnerabilities, offering recommendations to simplify remediation.
HP WebInspect gives security professionals and security novices alike the power and knowledge to quickly identify and validate critical, high-risk security vulnerabilities.
Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits web applications by checking for hacking vulnerabilities.