Ask Your Question
0

Vulnerable openstack images for research and penetration testing

asked 2016-04-08 03:58:04 -0500

SyCode7 gravatar image

I was just wondering if there are already deliberate vulnerable Openstack images for penetration testing/training or research. Something in line with OWASP's DVWA e.t.c....there quite a lot out there for web applications especially. I am doing a research and will be very glad if someone already has something like that or possibly direct me to the right place. Many thanks !!

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted
0

answered 2016-04-08 07:49:35 -0500

rl_person gravatar image

It wouldn't be in anyones interest to make available a known vulnerable image. In researching people tend to find unknown vulnerabilities in existing images, or unknown vulnerabilities in infrastructure or platforms.

I reckon your best bet is to either:

  • Build your own, sysprep/cloudinit it and upload to Glance
  • Look at the evidence in this domain and reach out to researchers for their images
edit flag offensive delete link more

Comments

@rl_person the idea of having vulnerable images isn't for destructive reasons, it could interest other people especially security practitioners, maybe some already has such images. Most major OS/applications have vulnerable versions for penetration testing/research. thanks anyway, could start mine.

SyCode7 gravatar imageSyCode7 ( 2016-04-09 07:14:44 -0500 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower

Stats

Asked: 2016-04-08 03:58:04 -0500

Seen: 176 times

Last updated: Apr 08 '16