cider-security-research / cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
☆1,938Updated 3 months ago
Related projects ⓘ
Alternatives and complementary repositories for cicd-goat
- An encyclopedia for offensive and defensive security knowledge in cloud native technologies.☆1,706Updated this week
- Checklist for container security - devsecops practices☆1,520Updated last year
- Automating situational awareness for cloud penetration tests.☆1,930Updated 3 weeks ago
- AWSGoat : A Damn Vulnerable AWS Infrastructure☆1,732Updated last week
- 🛡️ Awesome Cloud Security Resources ⚔️☆2,075Updated 5 months ago
- Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.☆1,426Updated last week
- Vulnerable app with examples showing how to not use secrets☆1,231Updated this week
- This is a step-by-step guide to implementing a DevSecOps program for any size organization☆1,903Updated 7 months ago
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,572Updated last month
- AzureGoat : A Damn Vulnerable Azure Infrastructure☆779Updated last week
- Azure and AWS Attacks☆1,047Updated last year
- Identify privilege escalation paths within and across different clouds☆665Updated this week
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆2,966Updated this week
- Vulnerable REST API with OWASP top 10 vulnerabilities for security testing☆918Updated 2 months ago
- Granular, Actionable Adversary Emulation for the Cloud☆1,817Updated this week
- vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.☆1,172Updated last year
- Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)☆1,197Updated 5 months ago
- The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.☆846Updated 3 months ago
- completely ridiculous API (crAPI)☆1,109Updated this week
- A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the communit…☆3,047Updated last month
- My cheatsheet notes to pentest AWS infrastructure☆655Updated 2 years ago
- 📚 A curated list of awesome Docker security resources☆641Updated last week
- Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS…☆1,263Updated last month
- ☆399Updated last year
- Azure Security Resources and Notes☆1,479Updated 4 months ago
- A curated list of awesome CI CD security resources☆523Updated last week
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆4,386Updated last week
- A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for …☆1,398Updated 3 months ago
- Tools & Interesting Things for RedTeam Ops☆2,138Updated last year
- Security Remediation Guides☆708Updated 3 weeks ago