Skip to content
/ security-playground Public

This is a sample application which runs an HTTP web server and allows to read and write files and exec commands

License

Apache-2.0 license
14 stars 51 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sysdiglabs/security-playground

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
Pipfile
Pipfile
 
 
Pipfile.lock
Pipfile.lock
 
 
README.md
README.md
 
 
app.py
app.py
 
 

Repository files navigation

Security Playground

last commit licence docker pulls

The security playground is a HTTP web server to simulate security breaches in run time.

Installation

Use the docker image to deploy it in your Kubernetes cluster or locally in a container.

$ docker run --rm -p 8080:8080 sysdiglabs/security-playground

Usage

The HTTP API exposes tree endpoints to interact with the system.

Reading a file

You can read a file using just the URL.

$ curl localhost:8080/etc/shadow

This will return the content of the /etc/shadow file.

Writing a file

You can write to a file using the URL and POSTing the content.

$ curl -X POST localhost:8080/bin/hello -d 'content=hello-world'

This will write to /bin/hello the hello-world string

Executing a command

You can execute a command using the /exec endpoint and POSTing the command.

$ curl -X POST /exec -d 'command=ls -la'

This will capture and return the STDOUT of the command executed.

About

This is a sample application which runs an HTTP web server and allows to read and write files and exec commands

Topics

kubernetes security-tools container-security

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

14 stars

Watchers

3 watching

Forks

51 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages