Tag Archives: Infrastructure

Admin-Panel_Finder : A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces

Admin-Panel_Finder is a burp suite extension that enumerates infrastructure and application Admin Interfaces. OWASP References: Classification: Web Application Security Testing > 02-Configuration and Deployment Management Testing OTG v4: OWASP OTG-CONFIG-005 WSTG: WSTG-CONF-05 Why should I use this extension? Multi-thread Different and configurable levels of test. Includable status codes Excludable status codes More than 1000 built-in payloads. …

Continue reading “Admin-Panel_Finder : A Burp Suite Extension That Enumerates Infrastructure And Application Admin Interfaces”

TerraGoat : Vulnerable Terraform Infrastructure

TerraGoat is Bridgecrew’s “Vulnerable by Design” Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. Introduction TerraGoat was built to enable DevSecOps design and implement a sustainable misconfiguration prevention strategy. It can be used to test a policy-as-code framework like Bridgecrew & Checkov, inline-linters, …

Continue reading “TerraGoat : Vulnerable Terraform Infrastructure”