cfngoat
Cloud simulation
A training project demonstrating how common configuration errors can lead to production cloud environment issues
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
92 stars
10 watching
624 forks
last commit: 7 months ago
Linked from 2 awesome lists
aws-securitycloudformationcloudsecuritydevsecops
jakobthedev/awesome-devsecops
vavkamil/awesome-vulnerable-appsRelated projects:
| Repository | Description | Stars |
|---|---|---|
| bridgecrewio/cdkgoat | Demonstrates how common configuration errors can lead to production cloud misconfigurations | 44 |
| bridgecrewio/terragoat | A training project that demonstrates how common configuration errors can be introduced into cloud infrastructure to test secure development best practices | 1,159 |
 tenable/cnappgoat | A tool for creating and managing vulnerable environments in cloud computing platforms. | 269 |
 rhinosecuritylabs/cloudgoat | An AWS deployment tool designed to provide intentionally vulnerable cloud infrastructure for hands-on learning and penetration testing. | 2,991 |
| bridgecrewio/checkov | An automated tool for identifying security and compliance vulnerabilities in cloud infrastructure and software packages. | 7,214 |
 ine-labs/azuregoat | A vulnerable Azure infrastructure simulator used to demonstrate and practice cloud security vulnerabilities | 801 |
 rogerwelin/cfnctl | A tool that allows users to manage infrastructure using CloudFormation templates in a Terraform-like CLI workflow | 131 |
 nccgroup/sadcloud | A tool for generating intentionally insecure cloud infrastructure for testing and auditing purposes | 666 |
 someengineering/fixinventory | Tools to identify and remove critical risks in cloud infrastructure accounts by analyzing metadata from APIs of various cloud services | 1,617 |
 clouditera/secgpt | Develops and shares a large language model for network security applications, enabling the exploration of AI in cybersecurity. | 1,953 |
 owasp/nodegoat | An environment to learn about OWASP Top 10 security risks in Node.js web applications | 1,895 |
 beaknit/cform | Tools for creating and managing CloudFormation templates | 103 |
 dschadow/cloudsecurity | A collection of cloud security projects demonstrating secure configuration and secrets management with Spring Cloud Config and Vault | 27 |
 cloudwego/community | A community-driven platform for contributing to and improving enterprise-class cloud native architectures | 83 |
| owasp/webgoat.net | A penetration testing tool designed to simulate real-world web application vulnerabilities. | 69 |