Finding targets can be difficult
There are many places to practice hacking that are open to the public. Many of them are set-up as a competition, where you earn points for getting the flag on a box, and some boxes have multiple flags. They vary in difficulty but often have a rating to warn you of the difficulty prior to attempting. I will update this list as I come across new sites so check back in. As i try out the challenges and boxes on these sites, I’ll also update what I feel the difficulty is.
Hack the Box – This site is the most popular place to test your skills. It has 20 active boxes that can be hacked, in a private VPN space. Other people work on the same box as you, and sometimes they crash the box or reset it. Here’s a link.
Practical pentester labs- this site has courses and labs. Their labs are free and split into several types. They have easy, medium and hard levels so it is easy to figure out which ones to try. They are also split into type of box like Web application and. Check it out here.
Shellterlabs- this site has some basic training and labs. The labs are free and can be accessed via a Web vpn. They are clearly marked from easy to hard as well. They are categorized into the type of challenge they are making it easy to practice a specific skill. Shellterlabs has Web application, reverse engineering, and crpytographic challenges. It is located here.