OWASP/Serverless-Goat

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/OWASP/Serverless-Goat)

OWASP / Serverless-Goat

OWASP ServerlessGoat: a serverless application demonstrating common serverless security flaws

☆328

Alternatives and similar repositories for Serverless-Goat

Users that are interested in Serverless-Goat are comparing it to the libraries listed below

Sorting:

OWASP / Serverless-Top-10-Project
View on GitHub
OWASP Serverless Top 10
☆217Jul 6, 2021Updated 4 years ago
OWASP / DVSA
View on GitHub
a Damn Vulnerable Serverless Application
☆542Sep 12, 2023Updated 2 years ago
OWASP / OWASPWebGoatPHP
View on GitHub
A deliberately vulnerable web application for learning web application security.
☆150Apr 28, 2025Updated 10 months ago
m6a-UdS / dvca
View on GitHub
Damn Vulnerable Cloud Application
☆209Sep 12, 2018Updated 7 years ago
torque59 / AWS-Vulnerable-Lambda
View on GitHub
An AWS Lambda vulnerable application written in flask.
☆49Oct 9, 2017Updated 8 years ago
RhinoSecurityLabs / cloudgoat
View on GitHub
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
☆3,510Updated this week
joshlarsen / aws-recon
View on GitHub
Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.
☆554Jul 13, 2025Updated 8 months ago
sonofagl1tch / AWSDetonationLab
View on GitHub
This script is used to generate some basic detections of the aws security services
☆72Feb 21, 2022Updated 4 years ago
nccgroup / sadcloud
View on GitHub
A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
☆758Oct 14, 2023Updated 2 years ago
BishopFox / iam-vulnerable
View on GitHub
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
☆553Mar 12, 2026Updated last week
wickett / lambhack
View on GitHub
A very vulnerable serverless application in AWS Lambda
☆98Oct 7, 2019Updated 6 years ago
nccgroup / ScoutSuite
View on GitHub
Multi-Cloud Security Auditing Tool
☆7,579Sep 23, 2025Updated 5 months ago
RhinoSecurityLabs / pacu
View on GitHub
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
☆5,097Updated this week
pumasecurity / serverless-prey
View on GitHub
Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions
☆248Jan 28, 2026Updated last month
OWASP / iGoat-Swift
View on GitHub
OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS
☆449Dec 29, 2025Updated 2 months ago
appsecco / using-docker-kubernetes-for-automating-appsec-and-osint-workflows
View on GitHub
Repository for all the workshop content delivered at nullcon X on 1st of March 2019
☆80Apr 4, 2019Updated 6 years ago
gravitational / cve-2018-1002105
View on GitHub
Test utility for cve-2018-1002105
☆195Dec 13, 2018Updated 7 years ago
OWASP / NodeGoat
View on GitHub
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Nod…
☆2,021Jun 15, 2024Updated last year
netscylla / JWT_Hacking
View on GitHub
Collection of scripts that aid in penetration testing of JSON Web Tokens
☆59Feb 2, 2019Updated 7 years ago
nccgroup / PMapper
View on GitHub
A tool for quickly evaluating IAM permissions in AWS.
☆1,544Aug 2, 2024Updated last year
ine-labs / AWSGoat
View on GitHub
AWSGoat : A Damn Vulnerable AWS Infrastructure
☆1,984May 20, 2025Updated 10 months ago
pear / Crypt_RSA
View on GitHub
☆11Oct 3, 2014Updated 11 years ago
jpiechowka / zip-shotgun
View on GitHub
Utility script to test zip file upload functionality (and possible extraction of zip files) for vulnerabilities (aka Zip Slip)
☆31May 31, 2019Updated 6 years ago
Voulnet / barq
View on GitHub
barq: The AWS Cloud Post Exploitation framework!
☆388Nov 19, 2022Updated 3 years ago
secvulture / dvta
View on GitHub
Damn Vulnerable Thick Client App
☆155Jul 16, 2020Updated 5 years ago
ine-labs / AzureGoat
View on GitHub
AzureGoat : A Damn Vulnerable Azure Infrastructure
☆918Oct 30, 2024Updated last year
we45 / DVFaaS-Damn-Vulnerable-Functions-as-a-Service
View on GitHub
Intentionally Vulnerable Serverless Functions to understand the specifics of Serverless Security Vulnerabilities
☆136Dec 8, 2022Updated 3 years ago
dagrz / aws_pwn
View on GitHub
A collection of AWS penetration testing junk
☆1,221Aug 30, 2023Updated 2 years ago
appsecco / attacking-cloudgoat2
View on GitHub
A step-by-step walkthrough of CloudGoat 2.0 scenarios.
☆136Apr 28, 2020Updated 5 years ago
OWASP / glue
View on GitHub
Application Security Automation
☆527Sep 5, 2023Updated 2 years ago
OWASP / OWASP-VWAD
View on GitHub
This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory
☆884Mar 2, 2026Updated 2 weeks ago
aws-samples / cybersecurity-genai
View on GitHub
☆20Nov 21, 2024Updated last year
VV1LD / DumpFile405
View on GitHub
File Decrypter for the PS4 version 4.05
☆16Jan 5, 2018Updated 8 years ago
toniblyx / my-arsenal-of-aws-security-tools
View on GitHub
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
☆9,414Oct 16, 2025Updated 5 months ago
andresriancho / jwt-fuzzer
View on GitHub
JWT fuzzer
☆107Jul 24, 2018Updated 7 years ago
ProPuke / photon
View on GitHub
The fastest way to build beautiful Electron apps using simple HTML and CSS
☆10Jul 22, 2017Updated 8 years ago
RhinoSecurityLabs / Security-Research
View on GitHub
Exploits written by the Rhino Security Labs team
☆1,096Jan 23, 2021Updated 5 years ago
madhuakula / kubernetes-goat
View on GitHub
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…
☆5,437Nov 18, 2025Updated 4 months ago
step-security / github-actions-goat
View on GitHub
GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment
☆496Jun 27, 2025Updated 8 months ago