mikeprivette / awesome-sec-challengesView external linksLinks
A curated list of Awesome Security Challenges.
☆211Nov 6, 2024Updated last year
Alternatives and similar repositories for awesome-sec-challenges
Users that are interested in awesome-sec-challenges are comparing it to the libraries listed below
Sorting:
- Cloud Commotion intends to cause chaos to simulate security incidents☆145Jun 18, 2024Updated last year
- ☆116Updated this week
- ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…☆37Oct 17, 2024Updated last year
- A cloud security tool to search and clean up unused AWS access keys, written in Go.☆52Sep 2, 2022Updated 3 years ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆142Nov 3, 2025Updated 3 months ago
- Create your own vulnerable by design AWS penetration testing playground☆433Feb 6, 2026Updated last week
- Tools that checks for misconfigured access to Github OIDC from AWS roles and GCP service accounts☆61May 15, 2023Updated 2 years ago
- ☆22Jul 24, 2025Updated 6 months ago
- Autonomous AI C2☆33Jul 23, 2024Updated last year
- ☆24Mar 20, 2023Updated 2 years ago
- Public repository to provide guidance and examples for people to start learning IaC. This repository also contains some open-hack style l…☆23Jun 14, 2023Updated 2 years ago
- Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.☆1,855Oct 1, 2025Updated 4 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- GitHub Actions Goat: Deliberately Vulnerable GitHub Actions CI/CD Environment☆494Jun 27, 2025Updated 7 months ago
- An AI-powered tool for discovering privilege escalation opportunities in AWS IAM configurations.☆118Feb 4, 2026Updated last week
- Harness the security superpowers of your cloud asset inventory☆11Sep 22, 2024Updated last year
- This application was built to help reduce the amount of time it takes to review AWS Lambda code.☆61Nov 11, 2024Updated last year
- A GitHub Actions Supply Chain CTF / Goat☆27Jan 6, 2026Updated last month
- Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS…☆1,510Jan 28, 2026Updated 2 weeks ago
- Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and s…☆407Dec 28, 2024Updated last year
- An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)☆127Jul 14, 2024Updated last year
- ☆41Nov 29, 2024Updated last year
- CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions…☆88Updated this week
- Ansible/Vagrant/Packer files to create a virtual machine with the tooling needed to perform cloud security assessments☆141Jan 2, 2025Updated last year
- ✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The …☆289Feb 5, 2024Updated 2 years ago
- An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and secur…☆172Feb 8, 2026Updated last week
- Awesome secure by default libraries to help you eliminate bug classes!☆699Dec 6, 2025Updated 2 months ago
- ☆18Jul 30, 2024Updated last year
- A tool for scanning public or private AMIs for sensitive files and secrets. The tool follows the research made on AWS CloudQuarry where w…☆113Nov 13, 2024Updated last year
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Nov 11, 2024Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environment☆32Oct 14, 2024Updated last year
- EKS NG AMI Updater is an open source project that can be used to update kubernetes node group images.☆28Feb 5, 2026Updated last week
- Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).☆88Jan 28, 2024Updated 2 years ago
- Simple plug-and-play Github Action to block unauthorized outbound traffic (egress) in your Github workflows☆117Updated this week
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆17Jun 11, 2024Updated last year
- GCP GOAT is the vulnerable application for learn the GCP Security☆70May 20, 2025Updated 8 months ago
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆47Aug 16, 2024Updated last year
- Blogpost series showcasing interesting cloud - web app security bugs☆49Jun 13, 2023Updated 2 years ago
- K8s Network Policy Migrator is a tool to migrate Calico or Cilium custom network policies to Kubernetes native network policy. The tool o…☆32Aug 29, 2023Updated 2 years ago