From 4e30722d3ce60c9a93479d340c7e073d52132615 Mon Sep 17 00:00:00 2001 From: Jason Ostrom Date: Thu, 17 Aug 2023 11:41:59 -0700 Subject: [PATCH] Added CI/CD Goat --- README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/README.md b/README.md index 3128402..33f81ca 100644 --- a/README.md +++ b/README.md @@ -42,6 +42,7 @@ A list of free cloud native security learning labs. Includes CTF, self-hosted wo | [PurpleCloud](https://www.purplecloud.network) | Azure | Research Lab | [Jason Ostrom](https://twitter.com/securitypuck) | Using python and terraform, build your own Azure security lab| | [SimuLand](https://github.com/Azure/SimuLand) | Azure | Research Lab | [Roberto Rodriguez](https://twitter.com/Cyb3rWard0g) | Using Azure RM templates, create your own Azure security lab| | [CNAPPgoat](https://github.com/ermetic-research/cnappgoat) | AWS, Azure, GCP | Research Lab | [Ermetic Research](https://ermetic.com/blog/cloud/cnappgoat-multicloud-open-source-tool-for-deploying-vulnerable-by-design-cloud-resources/) | Using Pulumi, modularly provision vulnerable-by-design components in AWS, GCP, Azure| +| [CI/CD Goat](https://github.com/cider-security-research/cicd-goat) | CI/CD | CTF, hosted locally | [Palo Alto](https://www.paloaltonetworks.com/prisma/cloud/cloud-code-security) | Deliberately vulerable CI/CD environment, hacking CI/CD pipelines with CTF. Host locally with docker.| ## AWS @@ -129,3 +130,8 @@ A list of free cloud native security learning labs. Includes CTF, self-hosted wo [CNAPPgoat](https://github.com/ermetic-research/cnappgoat): Using Pulumi, modularly provision vulnerable-by-design components in AWS, GCP, Azure. The vulnerabilities are modular scenarios with no guided walkthrough existing yet. +## CI/CD + +[CI/CD Goat](https://github.com/cider-security-research/cicd-goat): Deliberately vulerable CI/CD environment, hacking CI/CD pipelines with CTF. Host locally with docker.| + +