I built VVMList for cybersecurity learners to easily find specific techniques used on specific machines.

A few years ago, I originally created VVMList to track the machines I completed and the techniques I used to solve them. After some time, I semi-abandoned the project.

At the end of 2024, I revisited the idea and decided to expand it into something bigger. More like a structured "ctf bible" for learners who want to study techniques in a more organized way.

For this, I read through many machine writeups from Vulnhub, HackMyVM, VulNyx and HackTheBox. I extracted and categorized the techniques used in each machine.

This process led to VVMList v3. when I first started, the project included around 250 machines. With v3, it grew to over 1200 machines, which allowed me to reach the original scope I had in mind.

In the 2026 annual update (v3.2), I added newly released machines from the platforms, integrated ctfmirror.com (my another project) for all machine images and integrated archive.org for all writeups. The goal was to provide a more centralized solution and reduce the risk of resources disappearing over time.

I'd really appreciate feedback from the community. Does the structure make sense? Are there techniques or machines that you think are missing? Any suggestions to improve usability or make it more useful for learners are very welcome.

Thanks for taking a look.