XM Goat is composed of XM Cyber terraform templates that help you learn about common Azure security issues.
Each template is a vulnerable environment, with some significant misconfigurations. Your job is to attack and compromise the environments.
Here’s what to do for each environment:
Run these commands:
$ az login
$ git clone https://github.com/XMCyber/XMGoat.git
$ cd XMGoat
$ cd scenarios
$ cd scenario_<\SCENARIO>
Where <\SCENARIO> is the scenario number you want to complete
$ terraform init
$ terraform plan -out <\FILENAME>
$ terraform apply <\FILENAME>
Where <\FILENAME> is the name of the output file
To get the initial user and service principal credentials, run the following query:
$ terraform output --json
For Service Principals, use application_id.value and application_secret.value.
For Users, use username.value and password.value.
After completing the scenario, run the following command in order to clean all the resources created in your tenant
$ az login
$ cd XMGoat
$ cd scenarios
$ cd scenario_<\SCENARIO>
Where <\SCENARIO> is the scenario number you want to complete
$ terraform destroy
This is open-source, but I also offer a SaaS solution that has check-if-email-exists packaged in a nice friendly web…
IPGeoLocation is a powerful tool designed to fetch detailed geolocation information for any given IP…
As of 1.0.0 Python 3.9+ is required. Python 2 is no longer supported. If you…
Recognize and manipulate faces from Python or from the command line with the world's simplest…
The purpose of PowerForensics is to provide an all inclusive framework for hard drive forensic…
GasMasK is a versatile open-source tool designed for extensive information gathering and OSINT (Open Source…