Pentest in the clouds

A

Alan4

Honorable Member
Member
Joined
Threads
9
Posts
54
Clouds are a great tool to create a convenient infrastructure for applications and services. Companies and independent developers move their projects to AWS or Azure, often without thinking about security. But in vain.

I will share with you some resources (known vulnerable laboratories) that will help pentesters, specialists or enthusiasts, gain practical experience in searching for vulnerabilities in cloud applications deployed on Google Cloud, AWS or Azure. Resources contain practical and theoretical material:

• FLAWS; (
You do not have permission to view the link please Log in or Register
)
• FLAWS2; (
You do not have permission to view the link please Log in or Register
)
(
You do not have permission to view the link please Log in or Register
)
• (
You do not have permission to view the link please Log in or Register
(
You do not have permission to view the link please Log in or Register
)
• Sadcloud; (
You do not have permission to view the link please Log in or Register
)
(
You do not have permission to view the link please Log in or Register
)
• (
You do not have permission to view the link please Log in or Register
Goat;
(
You do not have permission to view the link please Log in or Register
) • (
You do not have permission to view the link please Log in or Register
(
You do not have permission to view the link please Log in or Register
)
• caponeme; (
You do not have permission to view the link please Log in or Register
)
• CloudGoat; (
You do not have permission to view the link please Log in or Register
)
• Thunder CTF; (
You do not have permission to view the link please Log in or Register
)
• CloudFoxable; (
You do not have permission to view the link please Log in or Register
)
• IAM Vulnerable; (
You do not have permission to view the link please Log in or Register
)
• AWS Detonation Lab; (
You do not have permission to view the link please Log in or Register
)
• OWASP WrongSecrets; (
You do not have permission to view the link please Log in or Register
)
• OWASP ServerlessGoat; (
You do not have permission to view the link please Log in or Register
)
• AWS S3 CTF Challenges; (
You do not have permission to view the link please Log in or Register
)
• (
You do not have permission to view the link please Log in or Register
Big IAM Challenge by Wiz; (
You do not have permission to view the link please Log in or Register
)
• AWS Well Architected Security Labs; (
You do not have permission to view the link please Log in or Register
)
• Damn Vulnerable Cloud Application; (
You do not have permission to view the link please Log in or Register
)
• CdkGoat - Vulnerable AWS CDK Infrastructure; (
You do not have permission to view the link please Log in or Register
)
• Cfngoat - Vulnerable Cloudformation Template; (
You do not have permission to view the link please Log in or Register
)
• TerraGoat - Vulnerable Terraform Infrastructure; (
You do not have permission to view the link please Log in or Register
)
• AWSGoat - A Damn Vulnerable AWS Infrastructure;
(
You do not have permission to view the link please Log in or Register
)
• AzureGoat - A Damn Vulnerable Azure Infrastructure; (
You do not have permission to view the link please Log in or Register
)
• Breaking and Pwning Apps and Servers on AWS and Azure. (
You do not have permission to view the link please Log in or Register
 
Last edited by a moderator:
  • A
    Created
  • A
    Last reply
  • 0
    Replies
  • 580
    Views
  • 1
    Participants
  • Participants list
You must log in or register to reply here.

Similar threads

R
WICH VPN IS THE best
Replies
1
Views
611
F
The Lounge
fr3ddy
KOBRA1488
In search of Canadian Data
Replies
0
Views
367
KOBRA1488
The Lounge
KOBRA1488
Hack guru
New to the forum
Replies
1
Views
765
S
The Lounge
Scotlands
N
In search of a guru
Replies
1
Views
545
R
The Lounge
RobOnTop1
rzyddogazu2
What is the best VPN?
Replies
4
Views
1K
VictoryWayBeat
The Lounge
VictoryWayBeat
Top
Back