Here you can find a list of exercises regarding all aspects of Cyber Security.

  • cyber-gym is an array of vulnerable Web pages to test security tools or manual assessment.It has mainly developed by avalz. Just follow the instructions to setup the entire environment.
  • Amazena, a small, (deliberately) vulnerable e-commerce site that showcases the pitfalls of client-side input validation. It also shows how a bad PayPal implementation on your side could lead to unexpected results (Amazena uses, not the actual website; you won’t be charged for “purchases” on Amazena).
  • OverTheWire contains *nix commands / exploitation / web exercises.
    Nothing has to be installed: problems need to be solved on a remote server using ssh.
    No registration needed.
  • W3Challs is a penetration testing training platform, which offers various computer challenges, in categories related to security: Hacking, Cracking, Wargame, Forensic, Cryptography, Steganography and Programming.
    You have to be registered to access challenges.
  • CTFTime is a collector of CTFs that are running all around the globe. You can browse old CTFs and practice with already solved tasks.
    There are writeups for most of the task.
    You need to be registered to submit writeups for a given task.
  • SEED Labs hosts over 30 labs that cover a wide range of topics in computer and information security, including software security, network security, web security, operating system security and mobile app security. No registration needed.
  • Exploit Exercises contains a set of virtual machine set up for exploitation. No registration needed.
  • hacker101 Hacker101 is structured as a set of video lessons.