Websites To Practice Hacking (Legally)

Hello guys,

Top command for beginners

If you want to become an ethical hacker and want to practice your hacking skills, today I am going to tell you some websites where you can practice, these websites are legally made for hacker who wants to practice hacking.


bWAPP which stands for Buggy Web Application is a hacking practicing platform which is free and open source. This websites has included over 100 common vulnerabilities . bWAPP is developed in PHP and usesd MySQL

Damn Vulnerable iOS App (DVIA)

DVIA is a vulnerable application made for app developers to practice hacking and found common bugs in Application, this is made for iOS 7 or above, this platform is especially helpful for app developers, you must check it once.

Game of Hacks

This is a another vulnerable application to perform hacking

Google Gruyere

This vulnerable site is full of loop whole and aimed to those who just started to learn application security.

  • find security vulnerabilities.
  • exploit web applications.
  • find security vulnerabilities.
  • how to stop hackers to finding and exploiting vulnerabilities.

Gruyere has various security bugs range from cross-site scripting and cross-site requests. The goal of this platform is to guide you through discovering bugs and learning ways to fix them too.

Get started here: http://google-gruyere.appspot.com/


HackThis is designed to taught how to hack, how to secure websites against hacker’s. HackThis!! offers various difficulty levels, in addition to make a live and active online community making this platform a great source of hacking practice and articles too.

Get started with HackThis

Hack This Site

HackThisSite! is a legal and very safe place to perform their hacking skills. The hub offers hacking news, articles and tutorials and aims to taught us to learn and practice our hacking skills developed by completing various challenges.

Start with HackThisSite here.

Hellbound Hackers

Hellbound hackers offer a wide range of challenges with vision to teach us how to find exploit and suggest the code to fix them. This website is the very ultimate site for hacking tutorials, covers a large number of topics like application cracking, social engineering, etc.

Read more and get started here.

McAfee HacMe Sites

Foundstone, a observe at intervals McAfee’s skilled Services, launched a series of web sites in 2006 aimed for pen testers and security professionals wanting to extend their InfoSec chops. every simulated app offers a “real-world” expertise, designed with “real-world” vulnerabilities. From mobile bank apps to apps designed to require reservations, these comes cowl a large array of security problems to assist any security-minded skilled keep before the hackers.
The cluster of web sites include:


Yet another OWASP project on our list, hymenopteron is another deliberately vulnerable net application designed for UNIX operating system and Windows. This project is really a collection of PHP scripts containing all the OWASP high 10 vulnerabilities and additional and is armed with hints to assist users start.

10 OverTheWire

OverTheWire is best for developers and security pros of experience levels to learn and practice hacking. Beginners should start with “Bandit”, here the basics are teaches, and will progress to higher levels to advanced all with more complex bugs and exploits. here

11 Peruggia

Peruggia is a very safe environment for security pros and developers to learn common attacks in web applications.

Peruggia here.

12 Root Me

Root Me is the best and easy way to challenge and improve our hacking skills and web security knowledge with the help of 200 hacking challenges and 50 virtual environments. Root Me here.

13 Try2Hack

Created by ra.phid.ae and considered one of the oldest challenge sites still around, Try2Hack offers multiple security challenges.
The game features diverse levels which are sorted by difficulty, all created to practice hacking for your entertainment. There is an IRC channel for beginners where you can join the community and ask for help, in addition to a full walkthrough based on GitHub.Try2Hack is available here.

14 Vicnum

The goal of Vicnum is “to make the security of web applications strong by educating peoples (students, management, users, developers, auditors) as to what they might go wrong in a web app, the site says.

here the games and available CTFs for download.

15 WebGoat

This is an insecure app that provides very good teaching and learning environment which designed to teach users about application security issues.

OWASP project page here

For help with the lessons, download.

Top Termux Tool for beginners

Leave a Comment