Here's another one from my favorite professor in information security.
So, in this hour long workshop, Professor Sam Bowne at CCSF, teaches folks at Toro.hack the basic of developing exploits - from a beginner's standpoint.
He start by presenting the capture the flag platform at his website, which is samsclass.info, then he showcases, SQL injections (basic), then he goes into using Burpsuite to read and manipulate web requests, and many many more interesting stuff from a security standpoint.
So, for the challenges that Prof. Bowne goes into, the students only require a web browser, Java, and Burp. I, for one, would recommend using a penetration testing distribution like Kali Linux to have all of them in one, but that's not really necessary.