8 matches found
TerraformGoat - "Vulnerable By Design" Multi Cloud Deployment Tool
TerraformGoat is selefra research lab's "Vulnerable by Design" multi cloud deployment tool. Currently supported cloud vendors include Alibaba Cloud, Tencent Cloud, Huawei Cloud, Amazon Web Services, Google Cloud Platform, Microsoft Azure. Scenarios ID | Cloud Service Company | Types Of Cloud...
TerraGoat - Vulnerable Terraform Infrastructure
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction TerraGoat was built to enable DevSecOps design and implement a...
IAM Vulnerable - Use Terraform To Create Your Own Vulnerable By Design AWS IAM Privilege Escalation Playground
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground. IAM Vulnerable uses the Terraform binary and your AWS credentials to deploy over 250 IAM resources into your selected AWS account. Within minutes, you can start learning how to identify and exploit...
Kubernetes-Goat - Is A "Vulnerable By Design" Kubernetes Cluster. Designed To Be An Intentionally Vulnerable Cluster Environment To Learn And Practice Kubernetes Security
The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Refer tohttps://madhuakula.com/kubernetes-goat for the guide. Show us some Please feel free to send us a PR and show some Upcoming Training's and Sessions DEFCON DEMO...
Code injection
DISPUTED An issue was discovered in SageMath Sage Cell Server through 2019-10-05. Python Code Injection can occur in the context of an internet facing web application. Malicious actors can execute arbitrary commands on the underlying operating system, as demonstrated by an...
CVE-2019-17526
SageMath Sage Cell Server is affected by a Python code injection vulnerability (CVE-2019-17526) in internet-facing web applications, demonstrated by import ('os').popen('whoami').read(). The issue is described across multiple sources (NVD, Red Hat, CNVD, Veracode, CVE list, etc.) as allowing arbi...
PT-2019-15185 · Sagemath · Sagemath Sage Cell Server
Name of the Vulnerable Software and Affected Versions: SageMath Sage Cell Server versions prior to 2019-10-05 Description: An issue in SageMath Sage Cell Server allows Python Code Injection, enabling malicious actors to execute arbitrary commands on the underlying operating system. This can be...
CloudGoat: The ‘Vulnerable-by-Design’ AWS Environment
The post CloudGoat: The ‘Vulnerable-by-Design’ AWS Environment appeared first on Rhino Security Labs...