darnellkeith/Awesome-CloudSec-Labs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added PaaS Cloud Goat

Browse Source
This commit is contained in:
Jason Ostrom 2025-05-22 09:07:08 -07:00 committed by GitHub
parent e2ee3c9e69
commit 651fa2c95b
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
README.md
View File

@ -49,6 +49,7 @@ A list of free cloud native security learning labs. Includes CTF, self-hosted wo
| [CNAPPgoat](https://github.com/ermetic-research/cnappgoat) | AWS, Azure, GCP | Research Lab | [Ermetic Research](https://ermetic.com/blog/cloud/cnappgoat-multicloud-open-source-tool-for-deploying-vulnerable-by-design-cloud-resources/) | Using Pulumi, modularly provision vulnerable-by-design components in AWS, GCP, Azure|
| [CI/CD Goat](https://github.com/cider-security-research/cicd-goat) | CI/CD | CTF, local docker | [Palo Alto](https://www.paloaltonetworks.com/prisma/cloud/cloud-code-security) | Deliberately vulnerable CI/CD environment, hacking CI/CD pipelines with CTF. Host locally with docker.|
| [Github Actions Goat](https://github.com/step-security/github-actions-goat) | CI/CD | Self-hosted Github | [StepSecurity](https://www.stepsecurity.io/) | Deliberately vulnerable Github Actions CI/CD environment, hosted in your own Github account. Includes threat scenario descriptions mapped to vulnerabilities.|
| [PaaS Cloud Goat](https://github.com/Coalfire-Research/paas-cloud-goat) | PaaS | Deployed into your Salesforce account | [Coalfire Research](https://coalfire.com/) | A simulated vulnerable Salesforce application, hosted in your own SF account. Simulates a deployed custom application with security tests and documentation you can use to learn.
## AWS
@ -152,3 +153,7 @@ A list of free cloud native security learning labs. Includes CTF, self-hosted wo
[CI/CD Goat](https://github.com/cider-security-research/cicd-goat): Deliberately vulnerable CI/CD environment, hacking CI/CD pipelines with CTF. Host locally with docker.
[Github Actions Goat](https://github.com/step-security/github-actions-goat): Deliberately vulnerable Github Actions CI/CD environment, hosted in your own Github account. Includes threat scenario descriptions mapped to vulnerabilities.
## PaaS
[PaaS Cloud Goat](https://github.com/Coalfire-Research/paas-cloud-goat): A simulated vulnerable Salesforce application, hosted in your own SF account. Simulates a deployed custom application with security tests and documentation you can use to learn.