Based on our record, Damn Vulnerable Web Application seems to be a lot more popular than Rapid7. While we know about 13 links to Damn Vulnerable Web Application, we've tracked only 1 mention of Rapid7. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
I would start with something like DVWA: https://dvwa.co.uk/. Source: about 2 years ago
When you've got that, do some web-based challenges. The Damn Vulnerable Web Application is a great start as it has a little bit of everything. Start with Cross-Site Scripting, for example. Google it. Look at write-ups. Look at the solution for your current challenge, but it is important that you figure out why it works. As you go along with DVWA you will come across PHP and SQL. So google those and learn and... Source: about 2 years ago
Yes, the top 10 is a good place to start and pick a category from. For practice and demonstration you can use https://owasp.org/www-project-juice-shop/ or https://dvwa.co.uk/. Source: over 2 years ago
Https://dvwa.co.uk/ Several difficulty levels on each topic. Source: over 2 years ago
It's not a distro, but you might still find DVWA (Damn Vulnerable Web Application) interesting. It's a PHP/MySQL-based web app, with the same goal as the distro you mentioned. Source: over 2 years ago
- Security rule allowing anything on the inside to anywhere on the outside, but I reference a custom url category I created with rapid7.com and *.rapid7.com in that category. Since I can't reference a wildcard domain in the destination tab, I thought I would be able to match traffic to this rule for anything hitting *.rapid7.com using a custom url category. Source: over 1 year ago
TryHackMe - TryHackMe is an online platform for learning and teaching cyber security, all through your browser.
Qualys - Qualys helps your business automate the full spectrum of auditing, compliance and protection of your IT systems and web applications.
Hack The Box - An online platform to test and advance your skills in penetration testing and cyber security.
Nessus - Nessus Professional is a security platform designed for businesses who want to protect the security of themselves, their clients, and their customers.
VulnHub - VulnHub provides materials allowing anyone to gain practical hands-on experience with digital security, computer applications and network administration tasks.
Tenable.io - Tenable.io Cyber Exposure platform helps to protect any asset on any computing platform and eliminate blind spots.