Question 1

How do I set up CloudGoat for AWS?

Accepted Answer

Install Python 3.9+, Terraform, AWS CLI, and jq, then run 'pipx install cloudgoat' and configure with 'cloudgoat config aws'. The README provides step-by-step commands for Linux and MacOS, including dependency installation via apt or brew.

Question 2

CloudGoat vs. PentesterLab cloud modules: which is better for hands-on training?

Accepted Answer

CloudGoat offers more realistic, self-managed cloud environments with multi-step attacks, ideal for those with cloud access. PentesterLab provides browser-based, guided labs with no setup, better for structured learning. CloudGoat is deeper but requires more initial effort.

Question 3

How to destroy all scenarios in CloudGoat?

Accepted Answer

Use the command 'cloudgoat destroy all' to shut down and delete all active scenarios, moving their folders to ./trash. Remember to manually delete any resources you created during scenarios first, as CloudGoat only manages its own resources.

Question 4

Does CloudGoat work with Azure free tier?

Accepted Answer

It might, but scenarios deploy various resources that could exceed free tier limits, leading to potential costs. Always check Azure's policies and monitor usage, as some resources like VMs or storage may not be fully covered by the free tier.

Question 5

What are the prerequisites for running CloudGoat?

Accepted Answer

You need Linux or MacOS, Python 3.9+, Terraform >=1.5.0, AWS CLI, Azure CLI, and jq installed. The README lists these requirements and provides installation commands, with warnings about Windows not being officially supported.

Question 6

Can I use CloudGoat for red team exercises?

Accepted Answer

Yes, its realistic scenarios and focus on evasion (e.g., in 'detection_evasion') make it suitable for red team training. However, deploy only in isolated accounts to avoid security risks, and never use it in production environments as per the warnings.

Question 7

How to contribute a new scenario to CloudGoat?

Accepted Answer

Copy the scenario template from the repository, modify it with your scenario details, test it thoroughly, and submit a pull request. The README includes contribution guidelines, coding standards, and steps for ensuring whitelisting and security in new scenarios.

CloudGoat

What is CloudGoat?

Overview

Use Cases

Best For

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions