Links

VulHub:#

Vulhub is an open-source collection of pre-built, ready-to-use vulnerable Docker environments.

• github.com/vulhub/vulhub

git clone https://github.com/vulhub/vulhub.git
cd vulhub/<target>
docker-compose up -d

bWAPP:#

bWAPP, or a buggy web application, is a free and open source deliberately insecure web application.

• github.com/h0pp/bWAPP

docker run -d -p 8000:80 h0pp/bWAPP

CTFd:#

CTFd is a Capture The Flag framework focusing on ease of use and customizability.

• github.com/CTFd/CTFd

git clone https://github.com/CTFd/CTFd.git
cd CTFd
docker-compose up -d

kCTF:#

kCTF is a Kubernetes-based infrastructure for CTF competitions.

• github.com/google/kctf

Root the box:#

Root the Box is a real-time capture the flag (CTF) scoring engine for computer wargames where hackers can practice and learn.

• github.com/moloch–/RootTheBox

git clone https://github.com/moloch--/RootTheBox
cd RootTheBox
docker-compose up -d

Kubernetes Goat:#

The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security

• github.com/madhuakula/kubernetes-goat

git clone https://github.com/madhuakula/kubernetes-goat.git
cd kubernetes-goat
chmod +x setup-kubernetes-goat.sh
bash setup-kubernetes-goat.sh

CloudGoat:#

CloudGoat is Rhino Security Labs’ “Vulnerable by Design” cloud deployment tool.

• github.com/RhinoSecurityLabs/cloudgoat

git clone https://github.com/madhuakula/kubernetes-goat.git
cd kubernetes-goat
chmod +x setup-kubernetes-goat.sh
bash setup-kubernetes-goat.sh

TerraGoat:#

TerraGoat is Bridgecrew’s “Vulnerable by Design” Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

• github.com/bridgecrewio/terragoat

git clone https://github.com/bridgecrewio/terragoat
cd terragoat/terraform/aws
terraform init && terraform apply