靶机

http://demo.testfire.net

http://testphp.vulnweb.com (这个我试了可以)

http://testasp.vulnweb.com

http://testaspnet.vulnweb.com

http://zero.webappsecurity.com

http://crackme.cenzic.com

http://www.webscantest.com

http://scanme.nmap.org

 

https://www.cnblogs.com/iAmSoScArEd/p/10761895.html

 

 

• • SecurityTweets

  http://testhtml5.vulnweb.com

  - nginx, Python, Flask, CouchDB
  - Review Acunetix HTML5 scanner or learn more on the topic.

  • Acuart

  http://testphp.vulnweb.com

  - Apache, PHP, MySQL
  - Review Acunetix PHP scanner or learn more on the topic.

  • Acuforum

  http://testasp.vulnweb.com

  - IIS, ASP, Microsoft SQL Server
  - Review Acunetix SQL scanner or learn more on the topic.

  • Acublog

  http://testaspnet.vulnweb.com

  - IIS, ASP.NET, Microsoft SQL Server
  - Review Acunetix network scanner or learn more on the topic.

   

   

   

   

  靶场。https://buuoj.cn/challenges      (这个好賊多场景)

   

   

  http://www.jishu5.com/post/296.html

  

   

   

   

  docker 快速部署靶机

   docker run -d -p 3000:3000 bkimminich/juice-shop

  https://www.cnblogs.com/jason-huawen/p/16045943.html

  挑战步骤: https://github.com/juice-shop/pwning-juice-shop/blob/master/appendix/solutions.md#perform-a-dom-xss-attack

  所有bug https://pwning.owasp-juice.shop/appendix/solutions.html

   

  47关 http://www.manongjc.com/detail/50-uqvqvjixdysqufg.html (大佬中文解题)

  https://blog.csdn.net/qq_36531487/article/details/113863816