cfngoat
Cloud simulation
A training project demonstrating how common configuration errors can lead to production cloud environment issues
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
92 stars
10 watching
622 forks
last commit: 4 months ago
Linked from 2 awesome lists
aws-securitycloudformationcloudsecuritydevsecops
jakobthedev/awesome-devsecops
vavkamil/awesome-vulnerable-appsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| bridgecrewio/cdkgoat | Demonstrates how common configuration errors can lead to production cloud misconfigurations | 44 |
| bridgecrewio/terragoat | A training project that demonstrates how common configuration errors can be introduced into cloud infrastructure to test secure development best practices | 1,154 |
 tenable/cnappgoat | A tool for creating and managing vulnerable environments in cloud computing platforms. | 266 |
 rhinosecuritylabs/cloudgoat | An AWS deployment tool designed to provide intentionally vulnerable cloud infrastructure for hands-on learning and penetration testing. | 2,973 |
| bridgecrewio/checkov | An automated tool for identifying security and compliance vulnerabilities in cloud infrastructure and software packages. | 7,126 |
 ine-labs/azuregoat | A vulnerable Azure infrastructure simulator used to demonstrate and practice cloud security vulnerabilities | 786 |
 rogerwelin/cfnctl | A tool that allows users to manage infrastructure using CloudFormation templates in a Terraform-like CLI workflow | 131 |
 nccgroup/sadcloud | A tool for generating intentionally insecure cloud infrastructure for testing and auditing purposes | 658 |
 someengineering/fixinventory | Tools to identify and remove critical risks in cloud infrastructure accounts by analyzing metadata from APIs of various cloud services | 1,608 |
 clouditera/secgpt | Develops and shares a large language model for network security applications, enabling the exploration of AI in cybersecurity. | 1,870 |
 owasp/nodegoat | An environment to learn about OWASP Top 10 security risks in Node.js web applications | 1,885 |
 beaknit/cform | Tools for creating and managing CloudFormation templates | 103 |
 dschadow/cloudsecurity | A collection of cloud security projects demonstrating secure configuration and secrets management with Spring Cloud Config and Vault | 27 |
 cloudwego/community | A community-driven platform for contributing to and improving enterprise-class cloud native architectures | 81 |
| owasp/webgoat.net | A penetration testing tool designed to simulate real-world web application vulnerabilities. | 69 |