5 Vulnerable Distros For Practicing Hacking

In one of my Previous post i wrote about some of the best penetration testing distributions that you can use, In today's post i will write about some of the Vulnerable distros that you can Use for practicing pen testing and Hacking

1. Metasploitable

Metasploitable is an intentionally vulnerable Linux virtual machine. This VM can be used to conduct security training, test security tools, and practice common penetration testing techniques Version 2 of this virtual machine is available for download from Sourceforge and ships with even more vulnerabilities than the original image.

2. Kioptrix
This Kioptrix VM Image are easy challenges. The object of the game is to acquire root access via any means possible (except actually hacking the VM server or player).The purpose of these games are to learn the basic tools and techniques in vulnerability assessment and exploitation. There are more ways then one to successfully complete the challenges.

3. Webgoat

WebGoat is a deliberately insecure J2EE web application maintained by OWASP designed to teach web application security lessons. In each lesson, users must demonstrate their understanding of a security issue by exploiting a real vulnerability in the WebGoat application. For example, in one of the lessons the user must use SQL injection to steal fake credit card numbers. The application is a realistic teaching environment, providing users with hints and code to further explain the lesson.

4. Hackademic

Hackademic Challenges implement realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.Currently, there are 10 web application security scenarios available.You can choose to start from the one that you find most appealing,although we suggest to follow the order presented on the first page.We intend to expand the available challenges with additional scenarios that involve cryptography, and even vulnerable systems implemented in download-able virtual machines.

5. pWnOS

It's a linux virtual machine intentionally configured with exploitable services to provide you with a path to root Currently, the virtual machine NIC is configured in bridged networking, so it will obtain a normal IP address on the network you are connected to. You can easily change this to NAT or Host Only if you desire. A quick ping sweep will show the IP address of the virtual machine.

Hope this info helps you, If you have any doubts Regarding the article Please let me know them via comments