30 open-source projects similar to webgoat/webgoat, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best WebGoat alternative.
DVWA is a vulnerable web application sandbox and PHP security training environment. It serves as a deployable penetration testing target and an OWASP Top 10 lab designed for practicing exploits and simulating common web security vulnerabilities. The application allows users to adjust security difficulty levels to match their skill level and toggle between different SQL database engines to test how various systems handle injection attacks. It includes a mechanism to disable authentication, enabling automated security tools to interact directly with the environment. The project provides capabi
Metasploitable3 is an automated virtual machine provisioner designed to build and deploy operating system images with intentional security weaknesses. It functions as a penetration testing lab by creating vulnerable virtual machine targets used for security training, exploit development, and the validation of security tools. The system uses configuration scripts to inject vulnerabilities into Windows and Linux environments. This includes the deployment of insecure applications and services, such as web servers and databases, and the application of misconfigured system permissions to simulate
DVWA is a vulnerable web application lab and penetration testing sandbox designed to simulate common security flaws. It serves as a training platform for the OWASP Top 10 security risks and functions as a PHP and MySQL security lab for practicing the identification and exploitation of web vulnerabilities. The project provides a graduated learning experience through configurable security levels that adjust the difficulty of the vulnerabilities. It also supports switching between different database engines to research how various storage systems respond to injection attacks. The application is
Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabili
This project is a comprehensive, community-curated directory of cybersecurity resources, tools, and educational materials. It functions as a centralized index for researchers and students to discover frameworks and utilities across the entire security lifecycle, ranging from initial vulnerability assessment to post-exploitation analysis. The repository distinguishes itself through a hierarchical taxonomy that organizes diverse security disciplines into a searchable, version-controlled knowledge base. Rather than hosting software directly, it utilizes a decentralized aggregation model that lin
Juice Shop is a self-contained web application designed as a platform for cybersecurity education and security training. It functions as a controlled environment containing intentional security flaws, allowing users to practice offensive security techniques and defensive coding practices while tracking their progress through a live scoreboard. The platform serves as an industry-standard benchmark for evaluating the effectiveness and detection accuracy of automated security scanning tools. By hosting a standardized set of known vulnerabilities and common attack patterns, it provides a reliable
Vulhub is a collection of pre-configured, containerized applications designed to serve as a standardized platform for security research, vulnerability testing, and educational exploitation exercises. It functions as an orchestration framework that enables users to deploy isolated software environments for the purpose of practicing penetration testing and analyzing common security flaws in a controlled setting. The project utilizes an infrastructure-as-code pattern to define complex, multi-service software stacks, ensuring that testing targets remain consistent and reproducible. By leveraging
This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal
Maskphish is a comprehensive security toolkit that integrates capabilities for digital forensics, network vulnerability scanning, open-source intelligence, penetration testing, and social engineering. It functions as a multi-purpose framework for automating reconnaissance and executing security audits across diverse network environments. The project features a specialized phishing and social engineering toolkit used for cloning websites, masking URLs, and deploying deceptive pages to capture user credentials. It also includes a remote access Trojan builder for generating platform-specific exe
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
Kubernetes Goat is a security training environment designed for practicing the identification and exploitation of common vulnerabilities within an intentionally insecure cluster. It provides a controlled setting to simulate system exploitations, including container escapes, role misconfigurations, and server-side requests. The project utilizes scenario-based vulnerability deployment to create specific security flaws. It includes utilities for environment management that allow the cluster to be restored to a clean baseline by removing vulnerable scenarios, service accounts, and role bindings.
This project serves as a comprehensive cybersecurity training platform and resource repository focused on web application security. It functions as a centralized hub for security practitioners, providing both a curated collection of technical documentation and research, and a system for deploying isolated, containerized environments to practice security analysis and exploitation techniques. The platform distinguishes itself by integrating automated data aggregation with hands-on, container-based orchestration. It maintains a current knowledge base of industry research and digital threats whil
container-use is a containerized AI execution environment and code sandbox designed to provide a secure space for AI coding agents to execute commands and build applications. It functions as a workspace orchestrator that provisions isolated containers mapped to git branches, allowing multiple agents to operate in parallel without state conflicts or affecting the host system. The project serves as a Model Context Protocol server, bridging AI agents to containerized environments for standardized tool access. It enables a workflow for reviewing and merging changes made by agents within these iso
Dangerzone is a security tool and content sanitizer that converts untrusted files into safe PDFs. It removes malicious content by rendering documents as raw pixels within a sandboxed environment and rebuilding them as new PDF files to strip executable scripts and hidden threats. The project utilizes container-based sandboxing to isolate file processing from the host operating system. It is designed for air-gapped execution, allowing the sanitization process to operate on hardware without network connectivity to prevent malware from communicating with external servers. To maintain document ut
GOAD is an Ansible-based automation tool and infrastructure orchestrator used to deploy pre-configured networks of vulnerable Windows virtual machines. It serves as a security training environment for practicing Active Directory penetration testing, privilege escalation, and lateral movement across various cloud platforms and local virtualization hypervisors. The project distinguishes itself through a multi-provider infrastructure model and a system of infrastructure recipes that simulate intentional security misconfigurations. It supports the deployment of varied attack scenarios, including
Acontext is an LLM orchestration backend and agent memory framework designed to manage session state and knowledge for AI agents. It functions as a context manager and orchestration layer that integrates model providers with a secure code sandbox and a zero-knowledge data store. The project is distinguished by its approach to knowledge distillation, capturing agent learnings as reusable Markdown skills and structured memory files. It provides a secure execution environment where shell commands and scripts run in isolated containers with the ability to mount these persistent skill files direct
OpenShell is a security framework and sandboxed execution runtime for autonomous AI agents. It provides isolated environments using containers and virtual machines to protect host infrastructure and sensitive data from unauthorized access during agent execution. The system distinguishes itself by combining hardware-accelerated passthrough for host GPU access with a security gateway that intercepts model API calls. This gateway manages credentials by stripping caller information and injecting backend secrets, ensuring sensitive API keys remain off the local filesystem. The platform covers bro
Xray is a security assessment tool focused on web vulnerability scanning, attack surface mapping, and technology fingerprinting. It identifies common security flaws through automated scanning and semantic analysis, while verifying findings via a custom proof-of-concept execution engine. The system distinguishes itself with a containerized vulnerability testbed used to deploy pre-configured vulnerable applications. This environment allows for the simulation of specific vulnerabilities and edge-case scenarios to validate scanner accuracy and eliminate false positives. The platform covers a bro
This project is a secure container runtime that provides strong isolation for application workloads by implementing a userspace kernel. By intercepting system calls and executing them within a memory-safe, restricted environment, it minimizes the attack surface exposed to the host kernel. It functions as a drop-in engine for standard container orchestration platforms, ensuring compatibility with industry-standard runtime specifications while maintaining a hardened execution boundary. The runtime distinguishes itself through its ability to virtualize core system resources, including an indepen
Open Interpreter is an autonomous agent runtime that translates natural language instructions into executable code to interact with local software and operating systems. It functions as an orchestration framework that connects language models to a secure execution environment, enabling the development of agents capable of managing system resources and performing complex tasks. To ensure safety, the system mandates explicit user verification before executing any generated code and provides robust isolation through containerized sandboxing. The project distinguishes itself through its deep inte
Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do
how2heap is an educational resource and technical testbed for learning heap-based vulnerabilities and memory allocator internals. It provides a collection of source code examples and binaries that serve as a laboratory for studying memory corruption techniques specifically targeting the glibc malloc implementation. The project focuses on the development of exploit primitives, such as tcache poisoning and double frees, to redirect program execution. It includes a suite of implementations for bypassing memory protections and manipulating heap metadata to achieve arbitrary memory writes. The fr
This project is a framework for the autonomous discovery and remediation of security vulnerabilities using large language model agents. It functions as a security research pipeline that automates the process of reconnaissance, crash discovery, and exploitability analysis to identify reproducible software bugs. The system distinguishes itself by utilizing a containerized agent sandbox that restricts network egress and filesystem access to prevent host compromise. It employs a specialized patch generation and validation loop, which includes adversarial re-attack testing where a fresh agent atte
This project provides a collection of instructional guides and tutorials for Android app development, native mobile application creation, and computer science education. It focuses on building native applications through step-by-step implementation, covering the development of user interfaces and the integration of system hardware and permissions. The material extends into broader technical domains, including the study of fundamental data structures and algorithms for technical interview preparation. It also covers cybersecurity fundamentals, such as identifying web vulnerabilities and implem
XAgent is an autonomous agent system that decomposes complex goals into sequential subtasks for execution via a planner and actor model. It functions as a collaboration framework that integrates human-in-the-loop workflows, allowing users to provide real-time guidance and missing information during the automation process. The system features a containerized tool sandbox to isolate the execution of shells and browsers, ensuring system safety and consistency. It includes a state-based execution recorder that captures snapshots of agent runs to enable the exact reproduction of specific task sequ
This is a hands-on lab environment for learning network penetration testing techniques, centered on setting up and attacking a vulnerable Active Directory network. The project provides a structured framework for practicing the full attack chain, from initial reconnaissance and scanning through exploitation, privilege escalation, lateral movement, and credential theft, all within isolated virtual machine labs. The lab environment is designed to simulate real-world attack scenarios, including the ability to compile and execute exploit code directly against targets without relying on Metasploit.
Nanoclaw is an LLM agent orchestrator and multi-platform chat gateway designed to deploy and manage isolated AI agents. It provides a containerized runtime that executes agents within sandboxed Linux containers, ensuring filesystem and state isolation through dedicated workspaces and host bind-mounts. The project distinguishes itself through a unified routing pipeline that connects agents to diverse messaging platforms, including WhatsApp, Discord, Slack, Telegram, Signal, and iMessage. It integrates the Model Context Protocol to extend agent capabilities via managed external data and functio
DeepAnalyze is an autonomous data science agent and research pipeline designed to transform raw datasets into comprehensive analysis reports. It operates by generating and executing Python code to perform data preparation, modeling, and visualization. The system utilizes a secure, containerized execution environment to run generated scripts in isolation from the host system. It includes a benchmarking tool to evaluate the accuracy and performance of large language models against standardized data science tasks and a standardized API gateway for managing model completions and file uploads. Th