BeEF
Sqlmap
Acunetix Vulnerability Scanner
Rapid7
Appknox
Netsparker
ngrok
Nessus
Damn Vulnerable Web Application
TryHackMe
Hack The Box
VulnHub
PentesterLab
LetsDefend
Hackbox
PwnTillDawn Online Battlefield
BeEF Damn Vulnerable Web ApplicationDamn Vulnerable Web Application might be a bit more popular than BeEF. We know about 13 links to it since March 2021 and only 13 links to BeEF. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Ha, fun to see this again! Back before everything was HTTPS, it was fun to use the Browser Exploitation Framework (https://beefproject.com) which had a script included that did this. Though in those cases I wasn't in control of the gateway, so ARP spoofing was required to get other devices to route through me. - Source: Hacker News / about 1 month ago
For example IOS WebKit has a bunch of vulnerabilities announced recently. And one of those could be used via the Browser Exploitation Framework to install malware on your phone with you just clicking the link. Source: 5 months ago
Motivation is a key part, so those attacks are more theoretical than practically dangerous, however there is a class of attacks that's based on the fact that your browser can make arbitrary network connections, so unprivileged javascript can be used for some scans of your local network - for example, your router's internally accessible admin page or some vulnerability in a printer accessible in local network, as... Source: 10 months ago
This is something that kind of annoys me; there's even a /r/rails sub-reddit specifically for Ruby on Rails stuff. Understandably Rails helped put Ruby on the map. Before Rails, Ruby was just another fringe language. Rails became massively popular, helped many startups quickly build their Web 2.0 sites, and become successful companies (ex: GitHub, LinkedIn, AirBnB, etc). Like others have said, "Rails is where the... Source: 12 months ago
If you can open any webpage there then I would recommend using BeEF https://beefproject.com/. Source: about 1 year ago
I would start with something like DVWA: https://dvwa.co.uk/. Source: about 2 years ago
When you've got that, do some web-based challenges. The Damn Vulnerable Web Application is a great start as it has a little bit of everything. Start with Cross-Site Scripting, for example. Google it. Look at write-ups. Look at the solution for your current challenge, but it is important that you figure out why it works. As you go along with DVWA you will come across PHP and SQL. So google those and learn and... Source: about 2 years ago
Yes, the top 10 is a good place to start and pick a category from. For practice and demonstration you can use https://owasp.org/www-project-juice-shop/ or https://dvwa.co.uk/. Source: over 2 years ago
Https://dvwa.co.uk/ Several difficulty levels on each topic. Source: over 2 years ago
It's not a distro, but you might still find DVWA (Damn Vulnerable Web Application) interesting. It's a PHP/MySQL-based web app, with the same goal as the distro you mentioned. Source: over 2 years ago
Sqlmap - sqlmap is an open source penetration testing tool that automates the process of detecting and...
TryHackMe - TryHackMe is an online platform for learning and teaching cyber security, all through your browser.
Acunetix Vulnerability Scanner - Acunetix Vulnerability Scanner is a platform that offers a web vulnerability scanner and provides security testing to users for their web applications.
Hack The Box - An online platform to test and advance your skills in penetration testing and cyber security.
Rapid7 - Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the world's best penetration testing software now. DownloadPen testing software to act like an attacker.
VulnHub - VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
