Ask Your Question

Vulnerable openstack images for research and penetration testing

asked 2016-04-08 03:58:04 -0500

SyCode7 gravatar image

I was just wondering if there are already deliberate vulnerable Openstack images for penetration testing/training or research. Something in line with OWASP's DVWA e.t.c....there quite a lot out there for web applications especially. I am doing a research and will be very glad if someone already has something like that or possibly direct me to the right place. Many thanks !!

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2016-04-08 07:49:35 -0500

rl_person gravatar image

It wouldn't be in anyones interest to make available a known vulnerable image. In researching people tend to find unknown vulnerabilities in existing images, or unknown vulnerabilities in infrastructure or platforms.

I reckon your best bet is to either:

  • Build your own, sysprep/cloudinit it and upload to Glance
  • Look at the evidence in this domain and reach out to researchers for their images
edit flag offensive delete link more


@rl_person the idea of having vulnerable images isn't for destructive reasons, it could interest other people especially security practitioners, maybe some already has such images. Most major OS/applications have vulnerable versions for penetration testing/research. thanks anyway, could start mine.

SyCode7 gravatar imageSyCode7 ( 2016-04-09 07:14:44 -0500 )edit

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2016-04-08 03:58:04 -0500

Seen: 369 times

Last updated: Apr 08 '16