github-actions-goat
CI/CD vulnerability simulator
An educational project demonstrating common security attacks and vulnerabilities in GitHub Actions CI/CD environments
GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
445 stars
9 watching
258 forks
Language: JavaScript
last commit: 3 months ago actionsattack-simulationattack-simulatordevsecopshackingsecurity
Related projects:
| Repository | Description | Stars |
|---|---|---|
 cider-security-research/cicd-goat | A deliberately vulnerable CI/CD environment designed to teach security best practices through interactive challenges | 1,967 |
 nccgroup/goatcasino | A platform for simulating and exploiting smart contract vulnerabilities in a controlled environment | 116 |
 cycodelabs/cimon-action | A runtime security solution that monitors and mitigates attacks in software supply chains | 91 |
| step-security/harden-runner | Provides network egress filtering and runtime security for GitHub-hosted and self-hosted runners to protect against supply chain attacks and unauthorized access | 637 |
 game-ci/unity-actions | Automates testing and building of Unity projects on various platforms. | 998 |
 cypress-io/github-action | A GitHub Action for automating Cypress end-to-end and component testing | 1,372 |
| cycodelabs/raven | Analyzes potential security vulnerabilities in Continuous Integration/Continuous Deployment workflows and repositories. | 634 |
 harisekhon/github-actions | Provides a reusable template and workflow library for GitHub Actions CI/CD pipelines | 49 |
 snyk/actions | A set of GitHub Actions for integrating vulnerability scanning into software development workflows. | 523 |
 guardicore/monkey | An adversary emulation platform used to test and improve network security defenses by simulating malware infections | 6,697 |
 mainframed/dvca | An application showcasing vulnerabilities in a CICS system | 21 |
 mushorg/glastopf | A Python-based web application honeypot that simulates common web application vulnerabilities to detect and analyze potential threats. | 564 |
 appleboy/gitlab-ci-action | A GitHub Action that triggers GitLab CI builds. | 65 |
 boostsecurityio/poutine | Detects misconfigurations and vulnerabilities in software supply chains during build pipelines. | 239 |
 globocom/huskyci | Automated security testing and analysis tool | 579 |