Labs

Cloud

General Purpose

Tool	Description
terragoat	Vulnerable-by-design training tool for Terraform (blog)

AWS Specific

Tool	Description
sadcloud	Purposefully insecure AWS infrastructure with Terraform
cfngoat	Vulnerable by Design Cloudformation repository
cdkgoat	Vulnerable by Design AWS CDK repository
AWS Cyber Range	Bootstrap framework for a complete offensive, defensive, reverse engineering, & security intelligence tooling in a private research lab using AWS
KaiMonkey	Vulnerable infrastructure to help understand common cloud security threats exposed via infrastructure as code

Azure Specific

Tool	Description
DefendTheFlag	Lab to get started with testing out Microsoft's security products
PurpleCloud	Multi-use Hybrid + Identity Cyber Range implementing a small Active Directory Domain in Azure alongside Azure AD and Azure Domain Services

K8S

Tip

• Multiple deployment options for a Kubernetes lab: Deploy Your Own Kubernetes Lab
• My personal approach to deploy my own Kubernetes Lab on baremetal: Kubernetes Lab on Baremetal

Tool	Description
kube_security_lab	Use kind to create a lab environment for testing Kubernetes exploits and security tools
kubernetes-goat	Intentionally vulnerable cluster environment to learn and practice Kubernetes security References: guide, katacoda
kind-of-insecure	Deliberately insecure Kubernetes test clusters built using kind
kubernetes-simulator	Creates a Kubernetes cluster in an AWS account, runs scenarios which misconfigure it and/or leave it vulnerable to compromise