From 1b56d392049759a87e88eb7de7c5e1724b3e96f7 Mon Sep 17 00:00:00 2001 From: Jason Ostrom Date: Thu, 17 Aug 2023 11:49:54 -0700 Subject: [PATCH] Added Github Actions Goat --- README.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 49df577..bf78261 100644 --- a/README.md +++ b/README.md @@ -44,6 +44,7 @@ A list of free cloud native security learning labs. Includes CTF, self-hosted wo | [CNAPPgoat](https://github.com/ermetic-research/cnappgoat) | AWS, Azure, GCP | Research Lab | [Ermetic Research](https://ermetic.com/blog/cloud/cnappgoat-multicloud-open-source-tool-for-deploying-vulnerable-by-design-cloud-resources/) | Using Pulumi, modularly provision vulnerable-by-design components in AWS, GCP, Azure| | [CI/CD Goat](https://github.com/cider-security-research/cicd-goat) | CI/CD | CTF, local docker | [Palo Alto](https://www.paloaltonetworks.com/prisma/cloud/cloud-code-security) | Deliberately vulnerable CI/CD environment, hacking CI/CD pipelines with CTF. Host locally with docker.| + ## AWS [CloudFoxable](https://github.com/BishopFox/cloudfoxable): Create your own vulnerable by design AWS penetration testing playground. @@ -132,6 +133,11 @@ A list of free cloud native security learning labs. Includes CTF, self-hosted wo ## CI/CD -[CI/CD Goat](https://github.com/cider-security-research/cicd-goat): Deliberately vulnerable CI/CD environment, hacking CI/CD pipelines with CTF. Host locally with docker.| +[CI/CD Goat](https://github.com/cider-security-research/cicd-goat): Deliberately vulnerable CI/CD environment, hacking CI/CD pipelines with CTF. Host locally with docker. + +[Github Actions Goat](https://github.com/step-security/github-actions-goat): Deliberately vulnerable Github Actions CI/CD environment, hosted in your own Github account. Includes threat scenario descriptions mapped to vulnerabilities. + + +