Damn Vulnerable Serverless Application (DVSA) is a new open source tool from Protego: a company that provides security services for serverless applications.
The idea is to allow organizations and devs train in securing serverless environments, and provide security professionals a place to test their skills and tools. The testing application includes cloud resources, as well as a back-end with a variety of functions and front-end with authentication and email interaction with users. Within the environment, it allows practitioners to attempt attacks.
https://technical.ly/baltimore/2019/01/08/protego-has-a-new-open-source-tool-to-provide-serverless-security-training/