cloudgoat
Vulnerable Cloud Simulator
An AWS deployment tool designed to provide intentionally vulnerable cloud infrastructure for hands-on learning and penetration testing.
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
3k stars
74 watching
622 forks
Language: Python
last commit: 11 days ago
Linked from 6 awesome lists
qazbnm456/awesome-web-security
infoslack/awesome-web-hacking
4ndersonlin/awesome-cloud-security
teamssix/awesome-cloud-security
vavkamil/awesome-vulnerable-apps
funkmyster/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 ine-labs/azuregoat | A vulnerable Azure infrastructure simulator used to demonstrate and practice cloud security vulnerabilities | 786 |
| rhinosecuritylabs/ccat | A tool designed to test the security of container environments by simulating various attacks and vulnerabilities. | 589 |
 bridgecrewio/terragoat | A training project that demonstrates how common configuration errors can be introduced into cloud infrastructure to test secure development best practices | 1,154 |
 tenable/cnappgoat | A tool for creating and managing vulnerable environments in cloud computing platforms. | 266 |
| rhinosecuritylabs/cloud-security-research | Publishing research findings on cloud security vulnerabilities and exploitation techniques | 355 |
 owasp/webgoat.net | A penetration testing tool designed to simulate real-world web application vulnerabilities. | 69 |
| ine-labs/gcpgoat | A vulnerable cloud infrastructure demonstrating common web application security risks and misconfigurations | 359 |
 hxsecurity/terraformgoat | A multi-cloud deployment tool designed to test and demonstrate the vulnerability of cloud infrastructure configurations | 536 |
| owasp/iotgoat | A deliberately insecure firmware designed to test common vulnerabilities in IoT devices | 701 |
| bridgecrewio/cfngoat | A training project demonstrating how common configuration errors can lead to production cloud environment issues | 92 |
 jerryhoff/webgoat.net | An educational web application designed to demonstrate common web security flaws and their countermeasures. | 223 |
| owasp/nodegoat | An environment to learn about OWASP Top 10 security risks in Node.js web applications | 1,885 |
 scriptingxss/iotgoat | A deliberately insecure firmware project designed to test common IoT vulnerabilities | 180 |
| rhinosecuritylabs/pacu | An AWS exploitation framework designed to test the security of Amazon Web Services environments | 4,391 |
 metarget/metarget | A framework for automating the construction of vulnerable cloud-native infrastructure | 1,098 |