Labs
Cloud
Tool | Description |
AWS Account Controller | - Account controller solution, which creates an AWS SSO application for federated users to create or delete ephemeral / sandbox accounts
|
terragoat | - Vulnerable-by-design training tool for Terraform (blog)
|
sadcloud | - Purposefully insecure AWS infrastructure with Terraform
|
AWS Cyber Range | - Bootstrap framework for a complete offensive, defensive, reverse engineering, & security intelligence tooling in a private research lab using AWS
|
DefendTheFlag | - Lab to get started with testing out Microsoft's security products
|
terragoat | - Vulnerable by Design Terraform repository
|
cfngoat | - Vulnerable by Design Cloudformation repository
|
cdkgoat | - Vulnerable by Design AWS CDK repository
|
KaiMonkey | - Vulnerable infrastructure to help understand common cloud security threats exposed via infrastructure as code
|
K8S
Tool | Description |
kube_security_lab | - Use kind to create a lab environment for testing Kubernetes exploits and security tools
|
kubernetes-goat | - Intentionally vulnerable cluster environment to learn and practice Kubernetes security
- References: guide, katacoda
|
kind-of-insecure | - Deliberately insecure Kubernetes test clusters built using kind
|