Intentionally Vulnerable Cloud Environments
Discover open-source cloud platforms designed for practicing penetration testing and identifying common security misconfigurations.
Intentionally Vulnerable Cloud Environments
Find the best repos with AI.We'll search the best matching repositories with AI.
- bridgecrewio/cdkgoat
bridgecrewio/cdkgoat
CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
CdkGoat is a purpose-built, intentionally vulnerable AWS infrastructure-as-code project designed specifically for security training and identifying cloud misconfiguration patterns.
PythonSecurity Training Labs - ine-labs/awsgoat
ine-labs/AWSGoat
2,025View on GitHubAWSGoat : A Damn Vulnerable AWS Infrastructure
AWSGoat is a purpose-built, intentionally vulnerable AWS environment designed specifically for security training and practicing penetration testing against common cloud misconfiguration patterns.
PHPSecurity Training Labs - bridgecrewio/terragoat
bridgecrewio/terragoat
1,289View on GitHubTerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
TerraGoat is a purpose-built collection of intentionally misconfigured Terraform templates for AWS, Azure, and GCP that provides a hands-on environment for learning cloud security and infrastructure-as-code vulnerabilities.
HCLSecurity Training Labs - juice-shop/juice-shop
juice-shop/juice-shop
12,530View on GitHubJuice Shop is a self-contained web application designed as a platform for cybersecurity education and security training. It functions as a controlled environment containing intentional security flaws, allowing users to practice offensive security techniques and defensive coding practices while tracking their progress through a live scoreboard. The platform serves as an industry-standard benchmark for evaluating the effectiveness and detection accuracy of automated security scanning tools. By hosting a standardized set of known vulnerabilities and common attack patterns, it provides a reliable environment for validating the performance of security software and testing the capabilities of various vulnerability assessment tools. The application manages these security challenges through a modular request-handling pipeline and an object-relational mapping layer that ensures consistent state across user interactions. It maintains a centralized registry of active vulnerabilities and uses event-driven updates to reflect progress in the user interface. The project is distributed as a complete, deployable web environment for training and testing purposes.
This is a vulnerable web application designed for practicing web-based security exploits, but it does not provide the cloud infrastructure environments or misconfiguration patterns required for cloud security training.
TypeScriptCybersecurity Training LabsSecurity Training LabsVulnerable Web Applications - bishopfox/iam-vulnerable
BishopFox/iam-vulnerable
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
This repository provides a Terraform-based environment specifically designed to practice AWS IAM privilege escalation, making it a focused tool for cloud security training despite its narrow scope compared to full-cloud lab suites.
HCLSecurity Training Labs - bridgecrewio/cfngoat
bridgecrewio/cfngoat
Cfngoat is Bridgecrew's "Vulnerable by Design" Cloudformation repository. Cfngoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
Cfngoat provides a collection of intentionally misconfigured CloudFormation templates designed specifically for learning and practicing cloud security, making it a direct fit for training environments despite its focus on AWS infrastructure.
Security Training Labs
