Skip to content



General Purpose

Tool Description
terragoat Vulnerable-by-design training tool for Terraform (blog)
wrongsecrets Vulnerable app with examples showing how to not use secrets

AWS Specific

Tool Description
Stratus Red team Stratus Red Team is "Atomic Red Team™" for the cloud, allowing to emulate offensive attack techniques in a granular and self-contained manner
aws-cloudsaga Test security controls and alerts within AWS environments, using generated alerts based on security events seen by the AWS Customer Incident Response Team (CIRT)
sadcloud Purposefully insecure AWS infrastructure with Terraform
cloudgoat Vulnerable by Design AWS deployment tool
cfngoat Vulnerable by Design Cloudformation repository
cdkgoat Vulnerable by Design AWS CDK repository
AWS Cyber Range Bootstrap framework for a complete offensive, defensive, reverse engineering, & security intelligence tooling in a private research lab using AWS
KaiMonkey Vulnerable infrastructure to help understand common cloud security threats exposed via infrastructure as code
iam-vulnerable An AWS IAM Privilege Escalation Playground
oidc-ssrf Evil OIDC server: the OpenID Configuration URL returns a 307 to cause SSRF
  • Create your own vulnerable by design AWS penetration testing playground
  • You can also refer to the companion blog post
AWSGoat A Damn Vulnerable AWS Infrastructure

GCP Specific

Tool Description
GCPGoat GCPGoat: A Damn Vulnerable GCP Infrastructure

Azure Specific

Tool Description
DefendTheFlag Lab to get started with testing out Microsoft's security products
PurpleCloud Multi-use Hybrid + Identity Cyber Range implementing a small Active Directory Domain in Azure alongside Azure AD and Azure Domain Services
Cloud-Katana Automate simulation steps on-demand in multi-cloud and hybrid cloud environments
  • Is an event-driven, serverless compute application built on the top of Azure Functions that expedites the research process and validation of security controls
  • SimuLand Lab environments that reproduce well-known techniques used in real attack scenarios, to test and verify effectiveness of related Microsoft 365 Defender, Azure Defender and Azure Sentinel detections


    My Approach

    Tool Description
    k8s-lab-plz A modular Kubernetes lab which provides an easy and streamlined way to deploy a test cluster with support for different components
    kube_security_lab Use kind to create a lab environment for testing Kubernetes exploits and security tools
    • Intentionally vulnerable cluster environment to learn and practice Kubernetes security
    • References: guide
    kind-of-insecure Deliberately insecure Kubernetes test clusters built using kind
    kubernetes-simulator Creates a Kubernetes cluster in an AWS account, runs scenarios which misconfigure it and/or leave it vulnerable to compromise
    gke-poc-toolkit Demo generator for GKE
    minik8s-ctf A beginner-friendly CTF about Kubernetes security
    kustomizegoat Vulnerable Kustomize Kubernetes templates for training and education
    The EKS Cluster Games A CTF to identify and learn about common Amazon EKS security issues


    Tool Description
    vulhub Pre-Built Vulnerable Environments Based on Docker-Compose


    Tool Description
    github-actions-goat Deliberately Vulnerable GitHub Actions CI/CD Environment


    Tool Description
    • Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.