When you’re trying to get involved in the information security industry and become a security professional, having access to a fully functional penetration testing lab is critical. The pentest lab is where you’ll develop your skills, learn new tactics, and expand your knowledge. Setting up a pentest lab, however, can be both challenging and expensive. That’s why we created the CTF365 free account, a free account that allows members to access our free online pentest lab
We already have Metasploitable and bWAPP in the cloud. Now we have more great news for CTF365 free account members. As we promised, we’ve extended our free pentest lab by adding “Hacme Bank” and “Hacme Casino,” courtesy of McAfee Foundstone.
“Hacme BankTM is designed to teach application developers, programmers, architects and security professionals how to create secure software. Hacme BankTM simulates a “real-world” online banking application, which was built with a number of known and common vulnerabilities such as SQL injection and cross-site scripting.”
You can read the official Hacme Bank documentation HERE
Hacme Casino (suspended for now)
“Hacme CasinoTM is a learning platform for secure software development and is targeted at software developers, application penetration testers, software architects, and anyone with an interest in application security.” You can read the official Hacme Casino documentation HERE
Also, since we got into the Microsoft BizSpark startup program, CTF365 members can now train their hacking skills against Windows Server 2008 and WindowsXP, the OSs that Hacme Bank and Hacme Casino are deployed on.
By adding these components to our free pentest lab, we hope to help new comers and ethical hacker wannabes find their way into the security industry as qualified security professionals.
If you’re an InfoSec instructor or teacher, feel free to use these applications in the cloud to create webcasts and teach your students. Also, if you’re a screencaster, feel free to use them in your video tutorials. Don’t forget to share your creations and experiences with us. We’d love to hear about them
You can access the servers at:
In order to access them, please remember that you have to be logged into our VPN.
If there’s a vulnerable-by-design server or web app that you’d like to see in the CTF365 cloud, leave the information for us in a comment below. We’ll review it and, if we think it’ll be a valuable contribution, we’ll add it to the cloud in the future.
We believe that entry level resources should be open and free of charge for anyone who wants to dive into the InfoSec industry. Through this, we think we can make the Internet a little bit safer.
CTF365 it’s a top notch Security Training Platform with a focus on Security Professionals, System Administrators and Web Developers that offers five stars services regarding training, learning and improving offensive and defensive web security
Any questions? Glad to answer.
Stay secure while having fun.