cicd-goat
CI training ground
A deliberately vulnerable CI/CD environment designed to teach security best practices through interactive challenges
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
2k stars
32 watching
322 forks
Language: Python
last commit: 8 months ago
Linked from 4 awesome lists
appseccicdctfdevopsdevsecopsgitlabinfosecjenkinssecurity
sbilly/awesome-security
teamssix/awesome-cloud-security
jakobthedev/awesome-devsecops
vavkamil/awesome-vulnerable-appsRelated projects:
| Repository | Description | Stars |
|---|---|---|
 step-security/github-actions-goat | An educational project demonstrating common security attacks and vulnerabilities in GitHub Actions CI/CD environments | 445 |
 cycodelabs/raven | Analyzes potential security vulnerabilities in Continuous Integration/Continuous Deployment workflows and repositories. | 634 |
 ccdcoe/cdmcs | An open-source project providing educational materials and resources for learning advanced security monitoring technologies | 100 |
| cycodelabs/cimon-action | A runtime security solution that monitors and mitigates attacks in software supply chains | 91 |
 oasis-tcs/cacao | A collaborative platform for managing technical content related to cyber security training and operations | 28 |
 rung/threat-matrix-cicd | A threat matrix for securing CI/CD pipelines, mapping risks and techniques to help developers understand and mitigate threats. | 740 |
 cage-challenge/cage-challenge-2 | An AI research challenge and platform to test autonomous cyber defense capabilities using a simulated environment. | 46 |
| cage-challenge/cyborg | A cyber security research environment for training and development of security human and autonomous agents. | 65 |
 mainframed/dvca | An application showcasing vulnerabilities in a CICS system | 21 |
 clouditera/secgpt | Develops and shares a large language model for network security applications, enabling the exploration of AI in cybersecurity. | 1,953 |
 harisekhon/jenkins | Provides a comprehensive Jenkinsfile and Groovy Shared Library for automating CI/CD pipelines across various cloud platforms and tools | 69 |
 manicodesecurity/ios-attack-defense | A comprehensive lab material for teaching iOS app security and vulnerability testing | 20 |
 fortiphyd/grficsv2 | A proof-of-concept simulation framework demonstrating industrial control system security vulnerabilities and attack scenarios | 409 |
 nicolasgarcia214/damn-vulnerable-defi-foundry | A DeFi smart contract training tool that simulates real-world vulnerabilities to help developers learn offensive security testing skills | 495 |
 nathanawmk/top-10-cicd-security-risks | An analysis of common security risks in Continuous Integration/Continuous Deployment systems and processes. | 3 |