cider-security-research / cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
☆1,950Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for cicd-goat
- AWSGoat : A Damn Vulnerable AWS Infrastructure☆1,748Updated 3 weeks ago
- Automating situational awareness for cloud penetration tests.☆1,955Updated last month
- Checklist for container security - devsecops practices☆1,525Updated last year
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆1,729Updated this week
- Vulnerable app with examples showing how to not use secrets☆1,235Updated this week
- 🛡️ Awesome Cloud Security Resources ⚔️☆2,087Updated last week
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆928Updated 3 months ago
- ☆400Updated last year
- Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.☆1,433Updated 2 weeks ago
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆848Updated 4 months ago
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆4,457Updated this week
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,574Updated 2 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆4,399Updated this week
- AzureGoat : A Damn Vulnerable Azure Infrastructure☆787Updated 3 weeks ago
- A curated list of awesome CI CD security resources☆524Updated 2 weeks ago
- Granular, Actionable Adversary Emulation for the Cloud☆1,829Updated last week
- My cheatsheet notes to pentest AWS infrastructure☆656Updated 2 years ago
- Identify privilege escalation paths within and across different clouds☆667Updated 2 weeks ago
- completely ridiculous API (crAPI)☆1,119Updated this week
- 📚 A curated list of awesome Docker security resources☆642Updated 2 weeks ago
- vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.☆1,178Updated last year
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆2,974Updated last week
- Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS…☆1,272Updated last month
- Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)☆1,205Updated 5 months ago
- Peirates - Kubernetes Penetration Testing tool☆1,243Updated last month
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,072Updated 2 months ago
- This is a step-by-step guide to implementing a DevSecOps program for any size organization☆1,908Updated 8 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆489Updated 3 weeks ago
- ♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎☆1,800Updated 3 weeks ago