wrongsecrets
Secrets management training ground
An educational platform demonstrating common mistakes in secrets management and providing tools to help developers identify and mitigate these issues.
Vulnerable app with examples showing how to not use secrets
1k stars
19 watching
358 forks
Language: Java
last commit: 6 days ago
Linked from 4 awesome lists
awsazurectfdevsecopsdockergcphashicorp-vaultjavakeepasskubernetesowaspsecretssecrets-managementsecurityterraform-awsterraform-azureterraform-gcpvaultvulnerable-web-app
4ndersonlin/awesome-cloud-security
jakobthedev/awesome-devsecops
vavkamil/awesome-vulnerable-apps
funkmyster/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
| owasp/owaspwebgoatphp | An interactive web application designed to teach web application security through challenges and lessons. | 122 |
| owasp/securityshepherd | A training platform for web and mobile application security testing and learning | 1,348 |
| owasp/nodegoat | An environment to learn about OWASP Top 10 security risks in Node.js web applications | 1,885 |
| owasp/webgoat.net | A penetration testing tool designed to simulate real-world web application vulnerabilities. | 69 |
| owasp/railsgoat | A vulnerable Ruby on Rails application designed to educate developers about common web security vulnerabilities. | 869 |
| owasp/igoat-swift | A vulnerable Swift application used to teach iOS security and exploitation techniques | 410 |
| owasp/docker-security | A guide to building secure containerized environments using Docker | 632 |
| owasp/iotgoat | A deliberately insecure firmware designed to test common vulnerabilities in IoT devices | 701 |
| owasp/dvsa | An intentionally vulnerable serverless application for testing security skills and understanding secure development practices. | 534 |
| owasp/serverless-goat | A proof-of-concept demonstration of common serverless security flaws and weaknesses | 319 |
| owasp/owasp-vwad | A registry of known vulnerable web applications | 873 |
| owasp/glue | A framework for automating security analysis pipelines of various tools | 522 |
 gitguardian/apisecuritybestpractices | Resources to help developers keep sensitive information secret and mitigate potential security breaches | 1,917 |
| owasp/joomscan | Automated vulnerability scanner for Joomla CMS deployments to identify potential security issues. | 1,078 |
 jerryhoff/webgoat.net | An educational web application designed to demonstrate common web security flaws and their countermeasures. | 223 |