The OWASP Hackademic Challenge project helps you test your knowledge on web application security. You can use it to actually attack web applications in a realistic but also controllable and safe environment.
The Hackademic challenges implement realistic scenarios with known vulnerabilities in a safe, controllable environment. Users can attempt to discover and exploit these vulnerabilities in order to learn important concepts of information security through the attacker's perspective.
You can choose to start from the one that you find most appealing, although we suggest to follow the order presented on the first page. We intend to expand the available challenges with additional scenarios that involve cryptography and even vulnerable systems implemented in downloadable virtual machines.
Follow the guide in the docs folder.