Pentest - Complete Operating System
Am Wednesday, 6. Jul 2011 im Topic 'Pentest'
Name: Damn Vulnerable Linux
Homepage: http://www.damnvulnerablelinux.org/
Brief description: Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.
Version/Levels: 1
Name: De-ICE
Homepage: http://heorot.net/livecds/ or http://www.de-ice.net
Brief description: The PenTest LiveCDs are the creation of Thomas Wilhelm, who was transferred to a penetration test team at the company he worked for. Needing to learn as much about penetration testing as quickly as possible, Thomas began looking for both tools and targets. He found a number of tools, but no usable targets to practice against. Eventually, in an attempt to narrow the learning gap, Thomas created PenTest scenarios using LiveCDs.
Version/Levels: Level 1 - Disk 1, Level 1 - Disk 2, Level 1 - Disk 3 (A & B) Level 2 - Disk 1
Name: Holynix
Homepage: http://pynstrom.net/holynix.php
Brief description: Holynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing.
Version/Levels: 2
Name: Kioptrix
Homepage: http://www.kioptrix.com
Brief description: This Kioptrix VM Image are easy challenges. The object of the game is to acquire
root access via any means possible (except actually hacking the VM server or player).
The purpose of these games are to learn the basic tools and techniques in vulnerability
assessment and exploitation. There are more ways then one to successfully complete the challenges.
Version/Levels: 3
Name: Metasploitable
Homepage: http://blog.metasploit.com/2010/05/introducing-metasploitable.html
Brief description: One of the questions that we often hear is "What systems can i use to test against?" Based on this, we thought it would be a good idea throw together an exploitable VM that you can use for testing purposes.
Version/Levels: 1
Name: NETinVM
Homepage: http://informatica.uv.es/~carlos/docencia/netinvm/#id7
Brief description: NETinVM is a single VMware virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside the VMware virtual machine. Hence the name NETinVM, an acronym for NETwork in Virtual Machine. NETinVM has been conceived mainly as an educational tool for teaching and learning about operating systems, computer networks and system and network security, but other uses are certainly possible.
Version/Levels: 3 (2010-12-01)
Name: pWnOS
Homepage: http://forums.heorot.net/viewtopic.php?f=21&t=149
Brief description: It's a linux virtual machine intentionally configured with exploitable services to provide you with a path to r00t. :) Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine.
Version/Levels: 1
Name: RuCTFE 2010
Homepage: http://ructf.org/e/2010/
Brief description: RuCTFE is a remote challenge in information security
Version/Levels: 1
Homepage: http://www.damnvulnerablelinux.org/
Brief description: Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn’t. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn’t built to run on your desktop – it’s a learning tool for security students.
Version/Levels: 1
Name: De-ICE
Homepage: http://heorot.net/livecds/ or http://www.de-ice.net
Brief description: The PenTest LiveCDs are the creation of Thomas Wilhelm, who was transferred to a penetration test team at the company he worked for. Needing to learn as much about penetration testing as quickly as possible, Thomas began looking for both tools and targets. He found a number of tools, but no usable targets to practice against. Eventually, in an attempt to narrow the learning gap, Thomas created PenTest scenarios using LiveCDs.
Version/Levels: Level 1 - Disk 1, Level 1 - Disk 2, Level 1 - Disk 3 (A & B) Level 2 - Disk 1
Name: Holynix
Homepage: http://pynstrom.net/holynix.php
Brief description: Holynix is a Linux distribution that was deliberately built to have security holes for the purposes of penetration testing.
Version/Levels: 2
Name: Kioptrix
Homepage: http://www.kioptrix.com
Brief description: This Kioptrix VM Image are easy challenges. The object of the game is to acquire
root access via any means possible (except actually hacking the VM server or player).
The purpose of these games are to learn the basic tools and techniques in vulnerability
assessment and exploitation. There are more ways then one to successfully complete the challenges.
Version/Levels: 3
Name: Metasploitable
Homepage: http://blog.metasploit.com/2010/05/introducing-metasploitable.html
Brief description: One of the questions that we often hear is "What systems can i use to test against?" Based on this, we thought it would be a good idea throw together an exploitable VM that you can use for testing purposes.
Version/Levels: 1
Name: NETinVM
Homepage: http://informatica.uv.es/~carlos/docencia/netinvm/#id7
Brief description: NETinVM is a single VMware virtual machine image that contains, ready to run, a series of User-mode Linux (UML) virtual machines which, when started, conform a whole computer network inside the VMware virtual machine. Hence the name NETinVM, an acronym for NETwork in Virtual Machine. NETinVM has been conceived mainly as an educational tool for teaching and learning about operating systems, computer networks and system and network security, but other uses are certainly possible.
Version/Levels: 3 (2010-12-01)
Name: pWnOS
Homepage: http://forums.heorot.net/viewtopic.php?f=21&t=149
Brief description: It's a linux virtual machine intentionally configured with exploitable services to provide you with a path to r00t. :) Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine.
Version/Levels: 1
Name: RuCTFE 2010
Homepage: http://ructf.org/e/2010/
Brief description: RuCTFE is a remote challenge in information security
Version/Levels: 1
