Update README.md

This commit is contained in:
Omar Santos 2023-03-01 22:59:56 -05:00 committed by GitHub
parent eeea367ff2
commit 65e1546a0d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -15,10 +15,18 @@ Note: The folks at Offensive Security have created a free training and book that
- [The PenTesters Framework (PTF)](https://github.com/trustedsec/ptf): a Python script designed for Debian/Ubuntu/ArchLinux based distributions to create a similar and familiar distribution for Penetration Testing. Created by David Kennedy and maintained by the community.
- [Offensive Docker](https://github.com/aaaguirrep/pentest): Image with the more used tools to create a pentest environment easily and quickly.
- [PwnMachine by YesWeHack](https://github.com/yeswehack/pwn-machine): a self hosting solution based on docker aiming to provide an easy to use pwning station for bug hunters. The basic install include a web interface, a DNS server and a reverse proxy.
## Building a Home Lab
[This repository from @reswob10](https://github.com/reswob10/HomeLabResources) is an amazing resource to learn how to build your own cybersecurity lab at home. The repo includes references of blogs and videos that explain different lab setup, tools, and automation.
## WebSploit Labs: A Convenient, Simple, Yet Powerful Learning Environment
[WebSploit Labs](https://websploit.org/) is a learning environment created by [Omar Santos](https://omarsantos.io) for different Cybersecurity Ethical Hacking ( Penetration Testing) training sessions delivered at [DEFCON](https://www.wallofsheep.com/blogs/news/packet-hacking-village-workshops-at-def-con-26-finalized), [DEF CON Red Team Village](https://redteamvillage.io), [O'Reilly Live Training (foremely known as Safari)](https://learning.oreilly.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&include_assessments=false&include_case_studies=true&include_courses=true&include_playlists=true&include_collections=true&include_notebooks=true&is_academic_institution_account=false&source=user&formats=live%20online%20training&sort=relevance&facet_json=true&page=0&include_facets=false&include_scenarios=true&include_sandboxes=true&json_facets=true), and many other conferences and forums.
The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications.
## Vulnerable Servers and Applications
There are several intentionally vulnerable applications and virtual machines that you can deploy in a lab (safe) environment to practice your skills. You can also run some of them in Docker containers.
@ -26,13 +34,6 @@ There are several intentionally vulnerable applications and virtual machines tha
Go to the [Vulnerable Servers Section](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers) of this GitHub repository to obtain a list of dozens of vulnerable applications and VMs that can be used to practice your skills.
## WebSploit Labs
[WebSploit Labs](https://websploit.org/) is a learning environment created by [Omar Santos](https://omarsantos.io) for different Cybersecurity Ethical Hacking ( Penetration Testing) training sessions delivered at [DEFCON](https://www.wallofsheep.com/blogs/news/packet-hacking-village-workshops-at-def-con-26-finalized), [DEF CON Red Team Village](https://redteamvillage.io), [O'Reilly Live Training (foremely known as Safari)](https://learning.oreilly.com/search/?query=omar%20santos&extended_publisher_data=true&highlight=true&include_assessments=false&include_case_studies=true&include_courses=true&include_playlists=true&include_collections=true&include_notebooks=true&is_academic_institution_account=false&source=user&formats=live%20online%20training&sort=relevance&facet_json=true&page=0&include_facets=false&include_scenarios=true&include_sandboxes=true&json_facets=true), and many other conferences and forums.
The purpose of this VM is to have a lightweight (single VM) with a few web application penetration testing tools, as well as vulnerable applications.
## Cloud-Based Cyber Ranges
- [PurpleCloud](https://github.com/iknowjason/PurpleCloud): Cyber Range environment created by [Jason Ostrom](https://twitter.com/securitypuck) using Active Directory and automated templates for building your own Pentest/Red Team/Cyber Range in the Azure cloud!
- [CyberRange by SECDEVOPS@CUSE](https://github.com/secdevops-cuse/CyberRange): AWS-based Cyber Range.