TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
-
Updated
Jul 6, 2024 - HCL
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.
HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabling you to pentest Vulnerabilities within, and hence, gain a better understanding of what could go wrong and why!!
(WIP) A terraform / kitchen-terraform hardening baseline for the cis-aws-foundations-baseline
Minimalist containerized implementation of Prowler from https://github.com/toniblyx/prowler, made to run within ECS Fargate and have Secrets passed via AWS Secrets Manager
Configure and deploy AWS Security Hub.
Create an IAM OIDC for AWS EKS and an IAM role to be used in the PODs
Configure and deploy Amazon Shield Advanced
Configure and deploy AWS GuardDuty.
AWS Config and Security Hub demo
AWS App Runner with WAF Web ACLs
Setting up Prowler to run in a set of containers on ECS and save to S3
AWS Service Catalog sandbox
Amazon Inspector vulnerability management
Exfiltration protection with Route 53 Resolver DNS Firewall
CloudFront with ELB and S3 origins + WAF
EC2 running Auto Scaling Groups with Application Load Balancer
SSH tunneling example with AWS
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
This is a "Vulnerable by Design" Terraform repository.
Add a description, image, and links to the aws-security topic page so that developers can more easily learn about it.
To associate your repository with the aws-security topic, visit your repo's landing page and select "manage topics."