Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

With Testinfra you can write unit tests in Python to test actual state of your servers configured by management tools like Salt, Ansible, Puppet, Chef and so on.

Stars: ✭ 1,987 (+1061.99%)

Mutual labels: puppet

Salt Sandbox

A Vagrant-based Salt development environment for creating new modules

Stars: ✭ 122 (-28.65%)

Mutual labels: puppet

Onceover

Your gateway drug to automated infrastructure testing with Puppet

Stars: ✭ 132 (-22.81%)

Mutual labels: puppet

Puppet Retrospec

The only tool you need to generate puppet code, tests, modules, facts, types, providers, data and everything else.

Stars: ✭ 141 (-17.54%)

Mutual labels: puppet

Puppet Mcollective

MCollective Server and Client Puppet Module

Stars: ✭ 121 (-29.24%)

Mutual labels: puppet

Sensu Puppet

Sensu Puppet module.

Stars: ✭ 167 (-2.34%)

Mutual labels: puppet

Cis Puppet

Center for Internet Security Linux Benchmark implementation for PuppetLabs

Stars: ✭ 117 (-31.58%)

Mutual labels: puppet

Puppet Rbenv

Puppet manifest for rbenv installation

Stars: ✭ 138 (-19.3%)

Mutual labels: puppet

Puppet Rabbitmq

RabbitMQ Puppet Module

Stars: ✭ 170 (-0.58%)

Mutual labels: puppet

Foreman

an application that automates the lifecycle of servers

Stars: ✭ 2,102 (+1129.24%)

Mutual labels: puppet

Puppi

Puppet module to manage applications deployments and servers local management

Stars: ✭ 147 (-14.04%)

Mutual labels: puppet

View All Similar Projects ➔

Penetration Testing Playground

There are lots of interesting tools for testing the security of web applications. Unfortunately many of them are unknown to most developers and poorly packaged (I don't want a separate distro thanks). This project aims to bring together some familiar developer tools (like Vagrant and Puppet) with as many interesting security tools as I can find.

Once you have have tools you want somewhere safe to test them out. This project also contains a vulnerable web application running in a separate virtual machine which can be used as a test bed.

Usage

I'm assuming you already have Ruby and Vagrant installed. The we need to install the dependencies.

bundle install
bundle exec librarian-puppet install

This should fill your modules folder with puppet modules from the Puppet Forge. Next up we can start our virtual machines.

vagrant up

This should launch two machines, one called attacker and the other victim. Attacker gets lots of tools installed and victim gets a vulnerable web application setup.

If you want to test some of the tools out then you'll want to ssh into the attacker virtual machine:

vagrant ssh attacker

Many of the tools are not packages and these are simply installed into /opt. Just cd to the relevant directory and run the tools from there.

If you want to change anything on the victim virtual machine you can access that with:

vagrant ssh victim

If you only wanted the attacker (or victim) virtual machine then you can use either:

vagrant up attacker vagrant up victim

Tools installed

If you would like to add something else then please send a pull request or open an issue.

Disclaimer

These tools are designed to attack or find vulnerabilities in other applications. Testing for vulnerabilities is an important part of building a secure web application, but please don't use this set of tools to attack other peoples site. It's probably illegal and definitely not very polite.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 171

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (5) 🔗