metarget
Cloud Native Vulnerability Generator
A framework for automating the construction of vulnerable cloud-native infrastructure
Metarget is a framework providing automatic constructions of vulnerable infrastructures.
1k stars
18 watching
171 forks
Language: Python
last commit: about 1 year ago
Linked from 2 awesome lists
cloud-nativecloud-native-securitycontainercontainer-escapecontainer-securitykernel-exploitationkuberneteskubernetes-securityprivilege-escalationtargetvulnerabilitiesvulnerable-infrastructurevulnerable-infrastructuresvulnerable-scenes
teamssix/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 bridgecrewio/terragoat | A training project that demonstrates how common configuration errors can be introduced into cloud infrastructure to test secure development best practices | 1,159 |
 rhinosecuritylabs/cloudgoat | An AWS deployment tool designed to provide intentionally vulnerable cloud infrastructure for hands-on learning and penetration testing. | 2,991 |
| bridgecrewio/cfngoat | A training project demonstrating how common configuration errors can lead to production cloud environment issues | 92 |
 tenable/cnappgoat | A tool for creating and managing vulnerable environments in cloud computing platforms. | 269 |
| metarget/k0otkit | A tool designed to manipulate and control Kubernetes clusters after initial penetration and privilege escalation. | 281 |
 hashishrajan/cloud-security-vulnerabilities | Lists publicly disclosed vulnerabilities in various cloud services. | 357 |
 qazbnm456/vwgen | Automates the creation of vulnerable web applications for testing and security research purposes. | 84 |
 emo-crab/scap-rs | A collection of Rust libraries for working with vulnerability data from various sources. | 17 |
 mushorg/glastopf | A Python-based web application honeypot that simulates common web application vulnerabilities to detect and analyze potential threats. | 564 |
 ine-labs/azuregoat | A vulnerable Azure infrastructure simulator used to demonstrate and practice cloud security vulnerabilities | 801 |
 prevade/cloudjack | Checks AWS accounts for subdomain hijacking vulnerabilities | 84 |
| tenable/kaimonkey | A toolset providing vulnerable cloud infrastructure as code to analyze and secure infrastructure-as-code threats | 96 |
 mpgn/cve-2019-0192 | A proof of concept project demonstrating a remote code execution vulnerability in Apache Solr via deserialization of untrusted data | 209 |
| bridgecrewio/cdkgoat | Demonstrates how common configuration errors can lead to production cloud misconfigurations | 44 |
 genetic-malware/ebowla | A framework for creating environmental keyed payloads | 740 |