{"id":13625771,"url":"https://github.com/ine-labs/AWSGoat","last_synced_at":"2025-04-16T10:33:19.578Z","repository":{"id":45288226,"uuid":"513468803","full_name":"ine-labs/AWSGoat","owner":"ine-labs","description":"AWSGoat : A Damn Vulnerable AWS Infrastructure","archived":false,"fork":false,"pushed_at":"2025-02-04T12:28:39.000Z","size":34239,"stargazers_count":1829,"open_issues_count":5,"forks_count":1252,"subscribers_count":35,"default_branch":"master","last_synced_at":"2025-04-10T20:54:37.426Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ine-labs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-07-13T09:59:20.000Z","updated_at":"2025-04-10T05:24:11.000Z","dependencies_parsed_at":"2025-03-13T13:11:49.142Z","dependency_job_id":null,"html_url":"https://github.com/ine-labs/AWSGoat","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ine-labs%2FAWSGoat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ine-labs%2FAWSGoat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ine-labs%2FAWSGoat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ine-labs%2FAWSGoat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ine-labs","download_url":"https://codeload.github.com/ine-labs/AWSGoat/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249228273,"owners_count":21233852,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T21:02:01.430Z","updated_at":"2025-04-16T10:33:19.572Z","avatar_url":"https://github.com/ine-labs.png","language":"PHP","readme":"# AWSGoat : A Damn Vulnerable AWS Infrastructure\n\n![1](https://user-images.githubusercontent.com/65826354/179526664-cb123612-7f9a-41fe-bab2-eb6b3b2518d7.png)\n\nCompromising an organization's cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web applications, is all an attacker needs to compromise the entire infrastructure. Since the cloud is relatively new, many developers are not fully aware of the threatscape and they end up deploying a vulnerable cloud infrastructure.\n\nAWSGoat is a vulnerable by design infrastructure on AWS featuring the latest released OWASP Top 10 web application security risks (2021) and other misconfiguration based on services such as IAM, S3, API Gateway, Lambda, EC2, and ECS. AWSGoat mimics real-world infrastructure but with added vulnerabilities. It features multiple escalation paths and is focused on a black-box approach.\n\nAWSGoat uses IaC (Terraform) to deploy the vulnerable cloud infrastructure on the user's AWS account. This gives the user complete control over code, infrastructure, and environment. Using AWSGoat, the user can learn/practice:\n- Cloud Pentesting/Red-teaming\n- Auditing IaC\n- Secure Coding\n- Detection and mitigation\n\n\nThe project will be divided into modules and each module will be a separate web application, powered by varied tech stacks and development practices. It will leverage IaC through terraform and GitHub actions to ease the deployment process.\n\n**Presented at**\n\n- [OWASP Singapore Chapter](https://owasp.org/www-chapter-singapore/)\n- [BlackHat USA 2022](https://www.blackhat.com/us-22/arsenal/schedule/index.html#awsgoat--a-damn-vulnerable-aws-infrastructure-27999)\n- [DC 30: Demo Labs](https://forum.defcon.org/node/242059)\n- [Rootcon 16](https://rootcon.org/)\n- [BlackHat ASIA 2023](https://www.blackhat.com/asia-23/arsenal/schedule/#awsgoat--a-damn-vulnerable-aws-infrastructure-31311)\n\n### Developed with :heart: by [INE](https://ine.com/) \n\n[\u003cimg src=\"https://user-images.githubusercontent.com/25884689/184508144-f0196d79-5843-4ea6-ad39-0c14cd0da54c.png\" alt=\"drawing\" width=\"200\"/\u003e](https://discord.gg/TG7bpETgbg)\n\n## Built With\n\n* AWS\n* React\n* Python 3\n* Terraform\n* PHP \n* Docker \n\n## Vulnerabilities\n\nThe project is scheduled to encompass all significant vulnerabilities including the OWASP TOP 10 2021, and popular cloud misconfigurations.\nCurrently, the project  contains the following vulnerabilities/misconfigurations.\n\n* XSS\n* SQL Injection\n* Insecure Direct Object Reference\n* Server Side Request Forgery on Lambda Environment\n* Sensitive Data Exposure and Password Reset\n* S3 Misconfigurations\n* IAM Privilege Escalations\n* ECS Container Breakout\n\n\n# Getting Started\n\n### Prerequisites\n* An AWS Account\n* AWS Access Key with Administrative Privileges\n* OR use the IAM policy in the [policy.json](policy/policy.json) file for the minimum permissions required for an AWS Access Key.\n\n\n### Installation\n\nTo ease the deployment process the user just needs to fork this repo, add their AWS Account Credentials to GitHub secrets, and run the Terraform Apply Action. This workflow will deploy the whole infrastructure and output the hosted application's URL. \n\nHere are the steps to follow:\n\n**Step 1.** Fork the repo\n\n**Step 2.** Set the GitHub Action Secrets:\n\n```\nAWS_ACCESS_KEY\nAWS_SECRET_ACCESS_KEY\n```\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/184551000-29f59b56-cbcc-4daf-9dad-a40e35bd6e02.png\"\u003e\n\u003c/p\u003e\n\n**Step 3.** From the repository actions tab, select the module to deploy and run the ``Terraform Apply`` Workflow.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/194799524-a814fba3-2936-47a3-bb11-9d65f65bbf60.png\"\u003e\n\u003c/p\u003e\n\n**Step 4.** Find the application URL in the Terraform output section.\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/184553744-c1ba94a1-0d67-4a86-b97d-ee7afe6c65fe.png\"\u003e\n\u003c/p\u003e\n\n\n### Manual Installation\n\nManually installing AWSGoat would require you to follow these steps:\n\n(Note: This requires a Linux Machine, with the /bin/bash shell available)\n\n**Step 1.** Clone the repo\n```sh\ngit clone https://github.com/ine-labs/AWSGoat\n```\n\n**Step 2.** Configure AWS User Account Credentials\n```sh\naws configure\n```\n\n**Step 3.** Traverse into the respective modules' directory and use terraform to deploy AWSGoat\n```sh\ncd modules/module-\u003cNumber\u003e\nterraform init\nterraform apply --auto-approve\n```\n\n# Modules\n\n## Module 1\n\nThe first module features a serverless blog application utilizing AWS Lambda, S3, API Gateway, and DynamoDB. It consists of various web application vulnerabilities and facilitates exploitation of misconfigured AWS resources.\n\nEscalation Path:\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/179526761-7f473e3d-f71c-429d-bf49-16958c5cb7a6.png\"\u003e\n\u003c/p\u003e\n\n\n## Module 2\n\nThe second module features an internal HR Payroll application, utilizing the AWS ECS infrastructure. It consists of various web application vulnerabilities and facilitates exploitation of misconfigured AWS resources.\n\nEscalation Path:\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/194799899-2968e04a-c324-4c3a-bdf2-b33f86fc0e05.png\"\u003e\n\u003c/p\u003e\n\n\n**Recommended Browser:** Google Chrome\n\n# Pricing\n\nThe resources created with the deployment of AWSGoat will not incur any charges if the AWS account is under the free tier/trial period. However, upon exhaustion/ineligibility of the free tier/trial, the following charges will apply for the US-East region: \n\nModule 1: **$0.0125/hour**\n\nModule 2: **$0.0505/hour**\n\n# Contributors\n\nJeswin Mathai, Chief Architect, Lab Platform, INE  \u003cjmathai@ine.com\u003e\n\nNishant Sharma, Director, Lab Platform, INE \u003cnsharma@ine.com\u003e\n\nSanjeev Mahunta, Software Engineer (Cloud), INE \u003csmahunta@ine.com\u003e\n\nShantanu Kale, Cloud Developer, INE  \u003cskale@ine.com\u003e\n\nGovind Krishna Lal Balaji, Cloud Developer, INE \u003clkris@ine.com\u003e \n\nLitesh Ghute, Software Engineer, INE \u003clghute@ine.com\u003e \n\n# Solutions\n\nThe offensive manuals are available in the [attack-manuals](attack-manuals/) directory, and the defensive manuals are available in the [defence-manuals](defence-manuals/) directory. \n\nModule 1 Exploitation Videos: \u003chttps://www.youtube.com/playlist?list=PLcIpBb4raSZEMosUmY8KpxPWtjKRMSmNx\u003e\n\n\n[![11](https://user-images.githubusercontent.com/65826354/194854747-26a95cb7-7f8a-4d52-8a36-1ede79a62126.gif)](https://www.youtube.com/playlist?list=PLcIpBb4raSZEMosUmY8KpxPWtjKRMSmNx)\n\n\n\n# Documentation\n\nFor more details refer to the \"AWSGoat.pdf\" PDF file. This file contains the slide deck used for presentations.\n\n# Screenshots\n\nModule 1:\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/179526784-2a1d7023-5c6f-4cfb-97b7-74b572b12829.png\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/179526796-fa4fa422-ffb5-4ff4-a2eb-1468e9c81fd6.png\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/179526801-6eb85d63-b7df-4fac-98f6-8afb834d2f49.png\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/179526804-78f87773-965d-4eee-a5bf-fb1c1d448234.png\"\u003e\n\u003c/p\u003e\n\n\nModule 2:\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/194800860-e7eaa174-0948-4d35-b185-0325ed7ddcf7.png\"\u003e\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://user-images.githubusercontent.com/65826354/194801060-8ab1ba55-b97c-4cea-817d-0c517a1924b3.png\"\u003e\n\u003c/p\u003e\n\n\n## Contribution Guidelines\n\n* Contributions in the form of code improvements, module updates, feature improvements, and any general suggestions are welcome. \n* Improvements to the functionalities of the current modules are also welcome. \n* The source code for each module can be found in ``modules/module-\u003cNumber\u003e/src`` this can be used to modify the existing application code.\n\n# License\n\nThis program is free software: you can redistribute it and/or modify it under the terms of the MIT License.\n\nYou should have received a copy of the MIT License along with this program. If not, see https://opensource.org/licenses/MIT.\n\n# Sister Projects\n\n- [AzureGoat](https://github.com/ine-labs/AzureGoat)\n- [GCPGoat](https://github.com/ine-labs/GCPGoat)\n- [PA Toolkit (Pentester Academy Wireshark Toolkit)](https://github.com/pentesteracademy/patoolkit)\n- [ReconPal: Leveraging NLP for Infosec](https://github.com/pentesteracademy/reconpal) \n- [VoIPShark: Open Source VoIP Analysis Platform](https://github.com/pentesteracademy/voipshark)\n- [BLEMystique](https://github.com/pentesteracademy/blemystique)\n","funding_links":[],"categories":["Penetration testing/learning","Sorted by Technology and Category","Cloud Security","目录","Intentionally Vulnerable Challenges","PHP","others","0x03 靶场 :dart:","Online Platforms"],"sub_categories":["无服务器的 Serverless","云服务靶场"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fine-labs%2FAWSGoat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fine-labs%2FAWSGoat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fine-labs%2FAWSGoat/lists"}