tenable/cnappgoat external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

tenable/cnappgoat

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/tenable/cnappgoat)

Close

tenable / cnappgoatView on GitHubMore

• External links
• Readme badge

CNAPPgoat is an open source project designed to modularly provision vulnerable-by-design components in cloud environments.

☆293Sep 4, 2024Updated last year

Alternatives and similar repositories for cnappgoat

Users that are interested in cnappgoat are comparing it to the libraries listed below

• tenable / cnappgoat-scenarios

  View on GitHub
  This repository provides a comprehensive collection of Pulumi scenarios utilized by cnappgoat
  ☆21Jan 28, 2025Updated last year
• vectra-ai-research / derf

  View on GitHub
  DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…
  ☆101Jan 12, 2024Updated 2 years ago
• BishopFox / cloudfoxable

  View on GitHub
  Create your own vulnerable by design AWS penetration testing playground
  ☆437Feb 16, 2026Updated 2 weeks ago
• primeharbor / sensitive_iam_actions

  View on GitHub
  Crowdsourced list of sensitive IAM Actions
  ☆159Oct 29, 2024Updated last year
• gojek / CureIAM

  View on GitHub
  Clean accounts over permissions in GCP infra at scale
  ☆71May 9, 2023Updated 2 years ago
• RhinoSecurityLabs / IAMActionHunter

  View on GitHub
  An AWS IAM policy statement parser and query tool.
  ☆198Feb 10, 2026Updated 3 weeks ago
• tenable / access-undenied-aws

  View on GitHub
  Access Undenied parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps. Open-s…
  ☆267Jan 26, 2023Updated 3 years ago
• BishopFox / iam-vulnerable

  View on GitHub
  Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
  ☆550Sep 11, 2025Updated 5 months ago
• DataDog / threatest

  View on GitHub
  Threatest is a CLI and Go framework for end-to-end testing threat detection rules.
  ☆338Feb 13, 2026Updated 2 weeks ago
• DataDog / stratus-red-team

  View on GitHub
  Granular, Actionable Adversary Emulation for the Cloud
  ☆2,267Updated this week
• SygniaLabs / Mirage

  View on GitHub
  ☆75Mar 19, 2025Updated 11 months ago
• iknowjason / Awesome-CloudSec-Labs

  View on GitHub
  Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
  ☆1,881Oct 1, 2025Updated 5 months ago
• Permiso-io-tools / CloudGrappler

  View on GitHub
  CloudGrappler is a purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known…
  ☆266Nov 21, 2025Updated 3 months ago
• primeharbor / breaches.cloud

  View on GitHub
  https://breaches.cloud
  ☆42Oct 16, 2024Updated last year
• DataDog / managed-kubernetes-auditing-toolkit

  View on GitHub
  All-in-one auditing toolkit for identifying common security issues in managed Kubernetes environments. Currently supports Amazon EKS.
  ☆370Feb 13, 2026Updated 2 weeks ago
• BishopFox / cloudfox

  View on GitHub
  Automating situational awareness for cloud penetration tests.
  ☆2,299Updated this week
• wiz-sec-public / peach-framework

  View on GitHub
  PEACH - a step-by-step framework for modeling and improving SaaS and PaaS tenant isolation, by managing the attack surface exposed by use…
  ☆74Dec 14, 2022Updated 3 years ago
• PaloAltoNetworks / IAM-Deescalate

  View on GitHub
  IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)
  ☆98Sep 14, 2022Updated 3 years ago
• DataDog / workload-security-evaluator

  View on GitHub
  ## Auto-archived due to inactivity. ## Tooling to simulate runtime attacks and test default runtime detections from Datadog Cloud Securit…
  ☆37Oct 17, 2024Updated last year
• aquia-inc / scpkit

  View on GitHub
  SCP management tool
  ☆135Oct 23, 2023Updated 2 years ago
• ReversecLabs / IAMSpy

  View on GitHub
  ☆229Feb 24, 2026Updated last week
• fwdcloudsec / known_aws_accounts

  View on GitHub
  List of known AWS accounts
  ☆257Feb 6, 2026Updated 3 weeks ago
• PaloAltoNetworks / rbac-police

  View on GitHub
  Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
  ☆350Mar 21, 2025Updated 11 months ago
• invictus-ir / Invictus-AWS

  View on GitHub
  A tool for AWS incident response, that allows for enumeration, acquisition and analysis of data from AWS environments for the purpose of …
  ☆198Jan 6, 2026Updated last month
• aidansteele / awsaccountcreds

  View on GitHub
  ☆23Feb 20, 2023Updated 3 years ago
• unknownhad / CloudIntel

  View on GitHub
  This repo contains IOC, malware and malware analysis associated with Public cloud
  ☆249Nov 11, 2024Updated last year
• kmcquade / OWASP-YouTube-2021

  View on GitHub
  Deliberately vulnerable AWS resources for security assessment demos
  ☆32Aug 20, 2022Updated 3 years ago
• awslabs / aws-cloudsaga

  View on GitHub
  AWS CloudSaga - Simulate security events in AWS
  ☆473Updated this week
• ine-labs / AzureGoat

  View on GitHub
  AzureGoat : A Damn Vulnerable Azure Infrastructure
  ☆917Oct 30, 2024Updated last year
• RhinoSecurityLabs / cloudgoat

  View on GitHub
  CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
  ☆3,487Feb 12, 2026Updated 2 weeks ago
• nccgroup / sadcloud

  View on GitHub
  A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
  ☆753Oct 14, 2023Updated 2 years ago
• ine-labs / AWSGoat

  View on GitHub
  AWSGoat : A Damn Vulnerable AWS Infrastructure
  ☆1,975May 20, 2025Updated 9 months ago
• secengjeff / awskillswitch

  View on GitHub
  Lambda function that streamlines containment of an AWS account compromise
  ☆344Dec 1, 2023Updated 2 years ago
• PankajMoolrajani / access-snipper

  View on GitHub
  Automated least-privilege enforcement for AWS IAM. Analyzes CloudTrail data to compute permission utilization metrics and generates polic…
  ☆13Jan 12, 2026Updated last month
• zmallen / cloudtrail2sightings

  View on GitHub
  Convert cloudtrail data to MITRE ATT&CK Sightings
  ☆82Jul 25, 2022Updated 3 years ago
• hac01 / gcp-iam-brute

  View on GitHub
  ☆51Jun 13, 2024Updated last year
• DataDog / KubeHound

  View on GitHub
  Tool for building Kubernetes attack paths
  ☆943Updated this week
• jatrost / awesome-kubernetes-threat-detection

  View on GitHub
  A curated list of resources about detecting threats and defending Kubernetes systems.
  ☆402Sep 2, 2023Updated 2 years ago
• XMCyber / XMGoat

  View on GitHub
  ☆176Apr 22, 2023Updated 2 years ago