This repository contains intentionally insecure manifest files with vulnerable third-party packages, designed exclusively for security testing purposes.
- This repository is not intended for any unauthorized activities!
- Utilizing any content from this repository for hacking or any other malicious activities is strictly prohibited!
- Using the packages or manifests from this repository may compromise your system’s security. Please ensure you do not cause any harm.
Choose one of the following branches and scan it:
- all-round: A showcase for Container Security. Use this branch to get results from various scanners like SCA, SAST, IoC, and more. It includes WebGoat as well.
- malicious-packages: Contains malicious packages. Use this branch to understand how malicious packages appear in Container Security engine results.
- complex-test: Provides extensive results and includes various types of files to be scanned (Helm chart, YAML, YML, Dockerfile).
- simple-test: Basic sanity test for Container Security.