Where can I find vulnerable code snnipets to practice vulnerability research skills?

Hi guys, Iā€™m looking for vulnerable server side code snippets in order to practice my vulnerabilty research skills.
Do you know where can find a dump of such thing ?
moreover, I would like for a recommadation of CTFs in the topic of vulnerability research.
thanks in advanced :slight_smile:

2 Likes

Well Iā€™m no exploit dev or what ever but here is a list of awesome places I know:
https://overthewire.org/wargames/
https://exploit-exercises.lains.space/
https://pwnable.kr/

I advice you to start with exploit exercises as they deal with vulnerable code snippets

hope this helps!

3 Likes

i really encourage purchasing this book to support the authors, but you can peruse it, here. vulnerable snippets and solutions to bad practices

http://index-of.es/Miscellanous/24-DEADLY-SINS-OF-SOFTWARE-SECURITY-2010.pdf

SEI CERT has coding standards with examples of vulnerable and remedied code. there are free books on C, C++, Android, Perl, and Java

https://wiki.sei.cmu.edu/confluence/display/seccode/SEI+CERT+Coding+Standards

2 Likes

The first book is just wow