Category: Arsenal Lab

Damn Vulnerable SCA Application

SCAGoat : Damn Vulnerable SCA Application

SCAGoat SCAGoat is an application for Software Composition Analysis (SCA) that focuses on vulnerable and compromised JAR dependencies used in development code, providing users with hands-on learning opportunities to understand potential attack scenarios. It...

Kubernetes Goat

kubernetes goat: “Vulnerable by Design” Kubernetes Cluster

Kubernetes Goat The Kubernetes Goat designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. 🏁 Scenarios Sensitive keys in codebases DIND (docker-in-docker) exploitation SSRF in the Kubernetes (K8S) world Container...

CTFd

CTFd: Capture The Flag framework

What is CTFd? CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it’s easy to customize with plugins...

CI/CD Goat

CI/CD Goat: deliberately vulnerable CI/CD environment

cicd-goat The CI/CD Goat project allows engineers and security practitioners to learn and practice CI/CD security through a set of 10 challenges, enacted against a real, full-blown CI/CD environment. The scenarios are of varying...

Kubernetes security

Kubernetes Goat: Learn Security Through Intentional Vulnerabilities

Kubernetes Goat Kubernetes Goat is an interactive Kubernetes security learning playground. It has intentionally vulnerable by design scenarios to showcase the common misconfigurations, real-world vulnerabilities, and security issues in Kubernetes clusters, containers, and cloud native...

vulnerable Azure cloud lab

AHHHZURE: creates a vulnerable Azure cloud lab

AHHHZURE AHHHZURE is an automated vulnerable Azure deployment script designed for offensive security practitioners and enthusiasts to brush up their cloud sec skills. The lab has 5 flags in total to collect. You may...