Fsl Test Bench

FSL Test bench - Ansible playbook repository to setup a save environment for security auditing and testing. It can be used for teaching security testing methodologies, testing tools, learning, and playing.
Alternatives To Fsl Test Bench
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
a year ago3mitShell
A tiny web auditor with strong opinions.
The Zoo80
a year ago47mitPython
🐒 A service registry for humans
Wp Theme Auditor54
3 years ago1October 14, 20194gpl-2.0JavaScript
Accessibility auditing tools for WordPress themes.
4 months ago3gpl-2.0C
network packet generator and capture tool
2 months ago14otherShell
Prevent leaks with gitleaks, and use tests to validate
Saltstack Infratest Module23
5 years ago1gpl-3.0Python
A Salt module using the testinfra python module for infrastructure compliance testing and auditing.
3 years agogpl-3.0Python
:hammer: :signal_strength: WiFi-Jammer/DoS toolset
3 years ago2apache-2.0Python
A tool for auditing medical devices and healthcare infrastructure
Splunk Ref Pas Test8
8 years agoPython
Splunk Reference App - Pluggable Auditing System (PAS) - Test Repo
4 years agobsd-2-clauseC
An implementation of Regression Test Suite for FreeBSD Audit Framework [GSoC-18]
Alternatives To Fsl Test Bench
Select To Compare

Alternative Project Comparisons

FSL Test bench

The FSL Test bench provides a save environment for security auditing and testing and can be used for teaching security testing methodologies. At the moment the focus lies on web applications. All application are running on top of a current Fedora installation with a ​Lighttpd web server and a ​MySQL server.

The FSL Test bench includes:

  • Vulnerable web applications (DVWA, bWAPP, SQLI Labs, MIRC and more)
  • PHP shells (PHP Shell, ​b374k and ​DNA Shell)
  • Low-interaction honeypots
  • ​Helper tools (Log viewer, CGIs, ​linfo and ​phpmyadmin)

All applications are directly accessible from a bootstrap-based website.

The FSL Test bench repository contains a subset of playbooks from the fedora-ansible git repository maintained by Fabian Affolter.

If you have just found Ansible or the Fedora Security Lab, you should start here:


The setup of Ansible is explained on the Ansible Getting Started page. Here is only the setup of the managed nodes and special details for the management system covered. For every system you want to manage, you need to have the client's SSH key in the authorized_keys file of the managed system and Python.


Make sure that Python is installed. If not, install the Python package on the managed node(s). If you have performed a minimal Fedora installation Python is available.

$ sudo dnf -y install python

The playbooks will use DNF as package management software instead of yum as soon as DNF is the default Package management tool in Fedora. But for now, everything is done with yum.

SSH key

Add the SSH key to the authorized_keys file. Assuming you are logged-in with SSH on your management system.

sudo ssh-copy-id -i /root/.ssh/id_rsa.pub [email protected][IP address of your managed note]


The file /etc/ansible/hosts shall contain all hosts to be setup up.

  • fsl-tb: Default group name for machine which uses the all-in-one playbook
  • fsl-tb-vpn: Default group name for machine which acts as VPN servers
  • fsl-tb-master: Hosts for FSL Test bench guests when using visualization
  • fsl_hosts: Hosts to install the Fedora Security Lab package set


After cloning this git repository, edit the variables/sensitive.yml file if you don't want to use password as default password.


The documentation is available at Read the Docs.


At the moment the structure of the repository looks like this:

├── all-in-one.yml -------- FSL Test bench on a single machine 
├── docs ------------------ Documentation
├── files ----------------- Template files
│   ├── cgi --------------- Source files for CGI
│   ├── kickstart --------- Kickstart files
│   └── web-interface ----- All files for the web interface
├── fsl-packages-sync.py -- Python script to sync with FSL package list
├── fsl-tb-detect.nse ----- nmap script for the Test bench detection
├── fsl.yml ---------------
├── handlers -------------- Handlers for services
├── INSTALL.md ------------ Installation guide
├── local-setup.yml -------
├── openvpn-server.yml ----
├── README.md ------------- This files
├── tasks ----------------- A collection of tasks (all playbooks)
│   ├── apps -------------- Vulnerable web applications
│   ├── cgi --------------- CGI
│   ├── db-servers -------- Database servers
│   ├── directory-servers - Directory Servers
│   ├── file-servers ------ File servers
│   ├── ftp-servers ------- FTP servers
│   ├── helpers ----------- Helper tools
│   ├── honeypots --------- Low-interaction honeypots
│   ├── mail-servers ------ Mail server
│   ├── misc-servers ------ Various servers
│   └── shells ------------ PHP shells
│   └── web-servers ------- Web servers
└── variables ------------- Storage files for variables


The file variables/sensitive.yml contains most application passwords. If you don't want to run with default password, edit this file according your needs and keep it save outside the repository.


All playbook content is assumed to be Creative Commons 3.0 Attribution licensed. Non-commercial or No-derivatives CC extensions are not acceptable, to encourage easy use by all users, regardless of purpose.

Popular Testing Projects
Popular Auditing Projects
Popular Software Quality Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.