Top 22 Hacking Sites and CTF wargames:
https://wheresmykeyboard.com/2016/07/hacking-sites-ctfs-wargames-practice-hacking-skills/
It is about CTF training and education (Reference from here: http://captf.com/practice-ctf/)
Top CTFs In This Planet
HITCON
Plaid CTF
Boston Key Party
DEF CON
Codegate
Hack In The Box
Secuinside
SECCON
RuCTF
More ....
Recommended
http://pwnable.tw/ (a newer set of high quality pwnable challenges)
http://pwnable.kr/ (one of the more popular recent wargamming sets of challenges)
https://picoctf.com/ (Designed for high school students while the event is usually new every year, it's left online and has a great difficulty progression)
https://microcorruption.com/login (one of the best interfaces, a good difficulty curve and introduction to low-level reverse engineering, specifically on an MSP430)
http://ctflearn.com/ (a new CTF based learning platform with user-contributed challenges)
http://reversing.kr/
http://hax.tor.hu/
https://w3challs.com/
https://pwn0.com/
https://io.netgarage.org/
http://ringzer0team.com/
http://www.hellboundhackers.org/
http://www.overthewire.org/wargames/
http://counterhack.net/Counter_Hack/Challenges.html
http://www.hackthissite.org/
http://vulnhub.com/
http://ctf.komodosec.com
Others
https://www.onlinectf.com/challenges/
https://backdoor.sdslabs.co/
http://smashthestack.org/wargames.html
http://hackthecause.info/
http://bright-shadows.net/
http://www.mod-x.co.uk/main.php
http://scanme.nmap.org/
http://www.hackertest.net/
http://net-force.nl/
http://securityoverride.org/ Some good concepts, but "canned" vulnerabilities (string matching on input) will frustrate knowledgable hackers and teach newbies the wrong lessons
Meta
http://www.wechall.net/sites.php (excellent list of challenge sites)
http://ctf.forgottensec.com/wiki/ (good CTF wiki, though focused on CCDC)
http://repo.shell-storm.org/CTF/ (great archive of CTFs)
Webapp Specific
http://demo.testfire.net/
http://wocares.com/xsstester.php
http://crackme.cenzic.com/
http://test.acunetix.com/
http://zero.webappsecurity.com/
Forensics Specific
http://computer-forensics.sans.org/community/challenges
http://computer-forensics.sans.org/community/challenges
http://forensicscontest.com/
Recruiting
https://www.praetorian.com/challenges/pwnable/
http://rtncyberjobs.com/
http://0x41414141.com/
Paid Training
http://heorot.net/
Downloadable Offline Games
http://www.badstore.net/
http://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
http://www.owasp.org/index.php/Owasp_SiteGenerator
Damn Vulnerable Web App
Stanford SecureBench
Stanford SecureBench Micro
http://www.irongeek.com/i.php?page=security/mutillidae-deliberately-vulnerable-php-owasp-top-10
Virtual Machines
https://pentesterlab.com/exercises/
http://sourceforge.net/projects/metasploitable/files/Metasploitable2/
Damn Vulnerable Linux (not currently live? local mirror)
Inactive or Gone
Just around for historical sake, or on the off-chance they come back.
http://rootcontest.com/
http://intruded.net/
https://how2hack.net
WebMaven (Buggy Bank)
http://www.foundstone.com/us/resources/proddesc/hacmetravel.htm
http://www.foundstone.com/us/resources/proddesc/hacmebooks.htm
http://www.foundstone.com/us/resources/proddesc/hacmecasino.htm
http://www.foundstone.com/us/resources/proddesc/hacmeshipping.htm
http://hackme.ntobjectives.com/
http://testphp.acunetix.com/
http://testasp.acunetix.com/Default.asp
http://prequals.nuitduhack.com
http://www.gat3way.eu/index.php (Russian)
http://exploit-exercises.com/ (challenges mirrored on vulnhub)
http://damo.clanteam.com/
http://p6drad-teel.net/~windo/wargame/
http://roothack.org/
http://ha.ckers.org/challenge/
http://ha.ckers.org/challenge2/
http://www.dc3.mil/challenge/