Kubernetes Goat

Free

The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security. Setting up Kubernetes Goat: Ensure you have admin access to the Kubernetes cluster and installed kubectl. Ensure you have the helm package manager installed. To set up the Kubernetes Goat resources in your cluster, run the provided commands. Access Kubernetes Goat by exposing the resources to the local system (port-forward) and navigate to the specified URL. Refer to the guide for detailed setup instructions and scenarios to practice.

FEATURES

The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.

ALTERNATIVES

SANS Institute

Leading provider of free cybersecurity training resources

Free

Resources

SQL Injection Labs

A project developed for pentesters to practice SQL Injection concepts in a controlled environment.

Free

Resources

0xf.at Hackits

Solve password-riddles on a website without logins or ads.

Free

Resources

Ramblings from Jessie: Setting the Record Straight: containers vs. Zones vs. Jails vs. VMs

A blog post discussing the differences between Solaris Zones, BSD Jails, VMs, and containers, with the author arguing that containers are not a real thing.

Free

Resources

Coursera Together: Free online learning during COVID-19

Coursera offers free online learning resources and courses during the COVID-19 pandemic.

Free

Resources

Hacksplaining

Comprehensive security training platform for web developers, offering hands-on experience with real, vulnerable applications and concrete advice for securing code.

Free

Resources

DIVA Android

An intentionally insecure Android app designed to teach developers and security professionals about common app vulnerabilities.

Free

Resources

ThisisLegal.com

Hacker wargames site with forums and tutorials, fostering a learning community.

Free

Resources

PINNED

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Resources

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources

CTIChef.com Detection Feeds

A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.

Threat Management

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security