{"id":18551927,"url":"https://github.com/bepb/hackingkubernetes","last_synced_at":"2026-01-23T20:39:36.930Z","repository":{"id":256162574,"uuid":"854440353","full_name":"BEPb/HackingKubernetes","owner":"BEPb","description":"Hacking Kubernetes","archived":false,"fork":false,"pushed_at":"2024-09-16T06:46:37.000Z","size":5813,"stargazers_count":28,"open_issues_count":2,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-02-17T10:48:58.449Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/BEPb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-09T07:13:37.000Z","updated_at":"2025-02-03T17:50:36.000Z","dependencies_parsed_at":"2024-09-16T08:06:08.822Z","dependency_job_id":null,"html_url":"https://github.com/BEPb/HackingKubernetes","commit_stats":null,"previous_names":["bepb/hackingkubernetes"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/BEPb/HackingKubernetes","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEPb%2FHackingKubernetes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEPb%2FHackingKubernetes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEPb%2FHackingKubernetes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEPb%2FHackingKubernetes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/BEPb","download_url":"https://codeload.github.com/BEPb/HackingKubernetes/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/BEPb%2FHackingKubernetes/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28699688,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-23T17:25:48.045Z","status":"ssl_error","status_checked_at":"2026-01-23T17:25:47.153Z","response_time":59,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T21:11:08.896Z","updated_at":"2026-01-23T20:39:36.895Z","avatar_url":"https://github.com/BEPb.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp\u003e\n  \u003cimg  src=\"https://img.shields.io/github/stars/BEPb/HackingKubernetes\" /\u003e\n  \u003cimg src=\"https://img.shields.io/github/contributors/BEPb/HackingKubernetes\" /\u003e\n  \u003cimg src=\"https://img.shields.io/github/last-commit/BEPb/HackingKubernetes\" /\u003e\n  \u003cimg src=\"https://visitor-badge.laobi.icu/badge?page_id=BEPb.HackingKubernetes\" /\u003e\n  \u003cimg src=\"https://img.shields.io/github/languages/count/BEPb/HackingKubernetes\" /\u003e\n  \u003cimg src=\"https://img.shields.io/github/languages/top/BEPb/HackingKubernetes\" /\u003e\n  \u003cimg src=\"https://img.shields.io/badge/license-MIT-blue.svg?color=f64152\" /\u003e\n  \u003cimg  src=\"https://img.shields.io/github/issues/BEPb/HackingKubernetes\" /\u003e\n  \u003cimg  src=\"https://img.shields.io/github/issues-pr/BEPb/HackingKubernetes\" /\u003e\n\u003c/p\u003e\n\u003cdiv align=\"center\"\u003e\n\n\u003cimg src=\"./art/HackingKubernetes.png\" alt=\"logo\" width=\"300\" height=\"156.5\"\u003e\n\n# HackingKubernetes \n\u003c/div\u003e\n\nHackingKubernetes - is a valuable resource and a leading container management system in development pipelines across \nthe world, but it’s not exempt from malicious attacks. Using Kubernetes requires a deep understanding of Kubernetes’ \nenvironment—including the different vulnerabilities you can be exposed to while creating, deploying, or running \napplications in your clusters.\n\nSince your Kubernetes cluster is likely one of your most valuable cloud resources, it needs to be protected. \nKubernetes’ security addresses the safety of your cloud, application clusters, containers, apps and code. Although \nKubernetes provides inherent security advantages, bolstering your defensive tactics is crucial to protecting your \nsystem against hackers and other cybersecurity threats.    \n\n## Intro\n- [OWASP Kubernetes Top Ten](https://owasp.org/www-project-kubernetes-top-ten/)\n- [Kubernetes adoption, security, and market trends report](https://www.redhat.com/en/resources/kubernetes-adoption-security-market-trends-overview)\n\n\n### Official documentation kubernetes\n- [Kubernetes Documentation](https://kubernetes.io/docs/home/)\n- [Github repo kubernetes](https://github.com/kubernetes/kubernetes/)\n- [11 Ways (Not) to Get Hacked](https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/)\n- [Security kubernetes](https://kubernetes.io/docs/concepts/security/)\n- [Docker Engine security](https://docs.docker.com/engine/security/)\n- \n\n### Security resources\n- [Container Security Site](https://www.container-security.site/)\n- [KubeCon + CloudNativeCon Europe 2024](https://www.youtube.com/playlist?list=PLj6h78yzYM2N8nw1YcqqKveySH6_0VnI0)\n- [Cloud native computing foundation](https://www.cncf.io/)\n\n### Intro from TryHackMe (free)\n- [Intro to IaC](https://tryhackme.com/r/room/introtoiac)\n- [Intro to IaC with answers](https://github.com/BEPb/tryhackme/blob/master/01.easy/Intro%20to%20IaC.md)\n- [Microservices Architectures](https://tryhackme.com/r/room/microservicearchitectures)\n- [Microservices Architectures with answers](https://github.com/BEPb/tryhackme/blob/master/01.easy/Microservices%20Architectures.md)\n- [Kubernetes for Everyone](https://tryhackme.com/r/room/kubernetesforyouly)\n- [Kubernetes for Everyone with answers](https://github.com/BEPb/tryhackme/blob/master/02.Medium/Kubernetes%20for%20Everyone.md)\n- [K8s Best Security Practices](https://tryhackme.com/r/room/k8sbestsecuritypractices)\n- [K8s Best Security Practices with answers](https://github.com/BEPb/tryhackme/blob/master/02.Medium/K8s%20Best%20Security%20Practices.md)\n- [Cluster Hardening](https://tryhackme.com/r/room/clusterhardening)\n- [Cluster Hardening with answers](https://github.com/BEPb/tryhackme/blob/master/02.Medium/Cluster%20Hardening.md)\n- [Frank \u0026 Herby make an app](https://tryhackme.com/r/room/frankandherby)\n- [Frank \u0026 Herby make an app with answers](https://github.com/BEPb/tryhackme/blob/master/02.Medium/Frank%20%26%20Herby%20make%20an%20app.md)\n\n### Intro from vmware\n- [What is Kubernetes?](https://www.vmware.com/topics/kubernetes)\n- [What is DevSecOps?](https://tanzu.vmware.com/devsecops)\n- [What is Kubernetes Architecture?](https://www.vmware.com/topics/kubernetes-architecture)\n- [What are Kubernetes Services?](https://www.vmware.com/topics/kubernetes-services)\n- [What is Kubernetes Security?](https://www.vmware.com/topics/kubernetes-security)\n- [What is Kubernetes Networking?](https://www.vmware.com/topics/kubernetes-networking)\n- [What are Kubernetes Clusters vs. Nodes vs. Pods vs. Containers vs. Containerized Applications?](https://www.vmware.com/topics/components-kubernetes)\n- [What are Kubernetes Pods?](https://www.vmware.com/topics/kubernetes-pods)\n\n### Intro fromm yarsalabs\n- [A Deep Dive Into Kubernetes Pods](https://blog.yarsalabs.com/a-deep-dive-into-kubernetes-pods/)\n- [Installing the Components required for a Kubernetes Cluster](https://blog.yarsalabs.com/kubernetes-cluster-from-scratch-part1/)\n- [TLS Certificates Management for a Kubernetes Cluster](https://blog.yarsalabs.com/kubernetes-cluster-from-scratch-part2/)\n- [ETCD Server Setup for a Kubernetes Cluster](https://blog.yarsalabs.com/kubernetes-cluster-from-scratch-part3/)\n- [Generating Kubernetes Configuration Files for Authentication](https://blog.yarsalabs.com/kubernetes-cluster-from-scratch-part4/)\n- [Creating the Kubernetes Control Plane](https://blog.yarsalabs.com/kubernetes-cluster-from-scratch-part5/)\n\n\n### Cheatsheets\n\n- [quick reference](https://kubernetes.io/docs/reference/kubectl/quick-reference/)\n- [k8s_cheatsheet.md](https://github.com/BEPb/HackingKubernetes/blob/master/pdf/k8s_cheatsheet.md)\n- [k8s-cheat-sheet](https://encore.dev/resources/k8s-cheat-sheet)\n- [kubernetes-cheat-sheet](https://www.mirantis.com/blog/kubernetes-cheat-sheet)\n- [Kubernetes Security Cheat Sheet](https://cheatsheetseries.owasp.org/cheatsheets/Kubernetes_Security_Cheat_Sheet.html#securing-data)\n\n\u003cimg src=\"./art/kubernetes_arquitecture.png\" alt=\"arquitecture\"\u003e\n\u003cimg src=\"./art/ports_kubernetes.png\" alt=\"ports\"\u003e\n\n### Atricles How to Hack Kubernetes\n- [How to Hack Kubernetes (and How to Protect It)](https://goteleport.com/blog/how-to-hack-kubernetes/)\n- [Securing Kubernetes Clusters by Eliminating Risky Permissions](https://www.cyberark.com/resources/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions)\n- [Kubernetes Pentest Methodology Part 1](https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1)\n- [Kubernetes Pentest Methodology Part 2](https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2)\n- [Kubernetes Pentest Methodology Part 3](https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3)\n- [Eight Ways to Create a Pod](https://www.cyberark.com/resources/threat-research-blog/eight-ways-to-create-a-pod)\n- [Kubernetes Pod Escape Using Log Mounts](https://www.aquasec.com/blog/kubernetes-security-pod-escape-log-mounts/)\n- [The Route to Root: Container Escape Using Kernel Exploitation](https://www.cyberark.com/resources/threat-research-blog/the-route-to-root-container-escape-using-kernel-exploitation)\n- [Attacking Kubernetes clusters using the Kubelet API](https://faun.pub/attacking-kubernetes-clusters-using-the-kubelet-api-abafc36126ca)\n- [Threat matrix for Kubernetes](https://www.microsoft.com/en-us/security/blog/2020/04/02/attack-matrix-kubernetes/)\n- [Secure containerized environments with updated threat matrix for Kubernetes](https://www.microsoft.com/en-us/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/)\n- [Introduction to GKE Kubelet TLS Bootstrap Privilege Escalation](https://rhinosecuritylabs.com/cloud-security/kubelet-tls-bootstrap-privilege-escalation/)\n- [Bad Pods: Kubernetes Pod Privilege Escalation](https://bishopfox.com/blog/kubernetes-pod-privilege-escalation)\n- [Bad Pods github](https://github.com/BishopFox/badPods)\n- [Hacking Kubelet on Google Kubernetes Engine](https://www.4armed.com/blog/hacking-kubelet-on-gke/)\n\n### PDF\n- [Learn by Hacking](https://github.com/calinah/learn-by-hacking-kccn/blob/master/Learn%20by%20Hacking.pdf)\n- \n\n### Kubernetes Security\n- [Kubernetes Security Best Practices everyone must follow](https://www.cncf.io/blog/2019/01/14/9-kubernetes-security-best-practices-everyone-must-follow)\n- [Securing a Cluster](https://kubernetes.io/docs/tasks/administer-cluster/securing-a-cluster)\n- [Security Best Practices for Kubernetes Deployment](https://kubernetes.io/blog/2016/08/security-best-practices-kubernetes-deployment)\n- [Kubernetes Security Best Practices](https://phoenixnap.com/kb/kubernetes-security-best-practices)\n- [Kubernetes Security 101: Risks and 29 Best Practices](https://www.stackrox.com/post/2020/05/kubernetes-security-101)\n- [15 Kubernetes security best practice to secure your cluster](https://www.mobilise.cloud/15-kubernetes-security-best-practice-to-secure-your-cluster)\n- [The Ultimate Guide to Kubernetes Security](https://neuvector.com/container-security/kubernetes-security-guide)\n- [11 Ways (Not) to Get Hacked](https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked)\n- [12 Kubernetes configuration best practices](https://www.stackrox.com/post/2019/09/12-kubernetes-configuration-best-practices/#6-securely-configure-the-kubernetes-api-server)\n- [A Practical Guide to Kubernetes Logging](https://logz.io/blog/a-practical-guide-to-kubernetes-logging)\n- [Kubernetes Web UI (Dashboard)](https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard)\n- [OPEN POLICY AGENT: CLOUD-NATIVE AUTHORIZATION](https://blog.styra.com/blog/open-policy-agent-authorization-for-the-cloud)\n- [Introducing Policy As Code: The Open Policy Agent (OPA) ](https://www.magalix.com/blog/introducing-policy-as-code-the-open-policy-agent-opa)\n- [What service mesh provides](https://aspenmesh.io/wp-content/uploads/2019/10/AspenMesh_CompleteGuide.pdf)\n- [Three Technical Benefits of Service Meshes and their Operational Limitations, Part 1](https://glasnostic.com/blog/service-mesh-istio-limits-and-benefits-part-1)\n- [Open Policy Agent: What Is OPA and How It Works (Examples)](https://spacelift.io/blog/what-is-open-policy-agent-and-how-it-works)\n- [Send Kubernetes Metrics To Kibana and Elasticsearch](https://logit.io/sources/configure/kubernetes/)\n- [Kubernetes Security Checklist](https://kubernetes.io/docs/concepts/security/security-checklist/)\n\n\u003cmain\u003e  \u003ch1 id=\"container--kubernetes-security-tools\"\u003e \u003ca href=\"#container--kubernetes-security-tools\" class=\"anchor-heading\" aria-labelledby=\"container--kubernetes-security-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Container \u0026amp; Kubernetes Security Tools \u003c/h1\u003e\u003cp\u003eThis is a list of open source tools which help with areas related to Container security. Some of the tools in this list don’t fit neatly into a specific category or categories, so they’re listed with the closest option.\u003c/p\u003e \u003ch2 id=\"container-attack-surface-assessment--breakout-tools\"\u003e \u003ca href=\"#container-attack-surface-assessment--breakout-tools\" class=\"anchor-heading\" aria-labelledby=\"container-attack-surface-assessment--breakout-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Container Attack Surface Assessment \u0026amp; Breakout Tools \u003c/h2\u003e \u003cp\u003eUseful tools to run inside a container to assess the sandbox that’s in use, and exploit some common breakout issues.\u003c/p\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/stealthcopter/deepce\"\u003edeepce\u003c/a\u003e - Docker Enumeration, Escalation of Privileges and Container Escapes\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/cdk-team/CDK\"\u003eCDK\u003c/a\u003e - Container and Kubernetes auditing and breakout tool.\u003c/li\u003e \u003c/ul\u003e \u003ch2 id=\"container-vulnerability-scanning-tools\"\u003e \u003ca href=\"#container-vulnerability-scanning-tools\" class=\"anchor-heading\" aria-labelledby=\"container-vulnerability-scanning-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Container Vulnerability Scanning Tools \u003c/h2\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy\"\u003eTrivy\u003c/a\u003e - Vulnerability and IaC scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/anchore/grype\"\u003eGrype\u003c/a\u003e - Container vulnerability scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/quay/clair\"\u003eclair\u003c/a\u003e - Container vulnerability scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://docs.docker.com/scout/\"\u003eDocker Scout\u003c/a\u003e - Container Vulnerability scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/AppThreat/dep-scan\"\u003edep-scan\u003c/a\u003e - Vulnerability and mis-configuration scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/neuvector/scanner\"\u003eNeuvector Scanner\u003c/a\u003e - Container Vulnerability Scanning Tool.\u003c/li\u003e \u003c/ul\u003e \u003ch2 id=\"iac-scanning-tools-that-cover-container-formats\"\u003e \u003ca href=\"#iac-scanning-tools-that-cover-container-formats\" class=\"anchor-heading\" aria-labelledby=\"iac-scanning-tools-that-cover-container-formats\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e IaC Scanning Tools that cover container formats \u003c/h2\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/trivy\"\u003eTrivy\u003c/a\u003e - Vulnerability and IaC scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/bridgecrewio/checkov\"\u003eCheckov\u003c/a\u003e - IaC scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/Checkmarx/kics\"\u003eKICS\u003c/a\u003e - IaC scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/AppThreat/dep-scan\"\u003edep-scan\u003c/a\u003e - Vulnerability and mis-configuration scanner\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/tenable/terrascan\"\u003eTerrascan\u003c/a\u003e - IAC Scanner for various formats including Docker and Kubernetes\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/hadolint/hadolint\"\u003ehadolint\u003c/a\u003e - Docker file linter\u003c/li\u003e \u003c/ul\u003e \u003ch2 id=\"docker-security-tools\"\u003e \u003ca href=\"#docker-security-tools\" class=\"anchor-heading\" aria-labelledby=\"docker-security-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Docker Security Tools \u003c/h2\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/docker/docker-bench-security\"\u003edocker bench\u003c/a\u003e - Docker CIS Benchmark assessment tool\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/goodwithtech/dockle\"\u003eDockle\u003c/a\u003e - Container Image Linter\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/mondoohq/cnspec\"\u003ecnspec\u003c/a\u003e - Assessment tool for multiple platforms including Docker and Kubernetes\u003c/li\u003e \u003c/ul\u003e \u003ch2 id=\"container-runtime-security-tools\"\u003e \u003ca href=\"#container-runtime-security-tools\" class=\"anchor-heading\" aria-labelledby=\"container-runtime-security-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Container Runtime Security Tools \u003c/h2\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/tracee\"\u003eTracee\u003c/a\u003e. Container runtime security tooling\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/falcosecurity/falco\"\u003eFalco\u003c/a\u003e. Container runtime security tooling\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/kubearmor/KubeArmor\"\u003eKubearmor\u003c/a\u003e. Container runtime security enforcement tool\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/cilium/tetragon\"\u003eTetragon\u003c/a\u003e. Container runtime security tool\u003c/li\u003e \u003c/ul\u003e \u003ch2 id=\"container-registry-tools\"\u003e \u003ca href=\"#container-registry-tools\" class=\"anchor-heading\" aria-labelledby=\"container-registry-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Container Registry Tools \u003c/h2\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/regclient/regclient\"\u003eregclient\u003c/a\u003e - Another tool for interacting with container registries\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/google/go-containerregistry\"\u003ecrane\u003c/a\u003e - Tool for interacting with Container registries.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/containers/skopeo\"\u003eskopeo\u003c/a\u003e - Tool for interaction with Container registries\u003c/li\u003e \u003c/ul\u003e \u003ch2 id=\"container-image-tools\"\u003e \u003ca href=\"#container-image-tools\" class=\"anchor-heading\" aria-labelledby=\"container-image-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Container Image Tools \u003c/h2\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/wagoodman/dive\"\u003eDive\u003c/a\u003e - Tool for exploring Container image layers\u003c/li\u003e \u003c/ul\u003e \u003ch2 id=\"kubernetes-tools\"\u003e \u003ca href=\"#kubernetes-tools\" class=\"anchor-heading\" aria-labelledby=\"kubernetes-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Kubernetes Tools \u003c/h2\u003e \u003ch3 id=\"rbac-assessment-tools\"\u003e \u003ca href=\"#rbac-assessment-tools\" class=\"anchor-heading\" aria-labelledby=\"rbac-assessment-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e RBAC Assessment Tools \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/alcideio/rbac-tool\"\u003erbac-tool\u003c/a\u003e - RBAC Tool for Kubernetes\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/cyberark/KubiScan\"\u003ekubiScan\u003c/a\u003e - Tool to scan Kubernetes clusters for risky permissions\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/appvia/krane\"\u003ekrane\u003c/a\u003e - Kubernetes RBAC static analysis \u0026amp; visualisation tool\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/raesene/eathar\"\u003eeathar\u003c/a\u003e - Kubernetes security assessment tool focusing on workload security and RBAC.\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"kubernetes-security-auditing-tools\"\u003e \u003ca href=\"#kubernetes-security-auditing-tools\" class=\"anchor-heading\" aria-labelledby=\"kubernetes-security-auditing-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Kubernetes Security Auditing Tools \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/kube-bench\"\u003ekube-bench\u003c/a\u003e - Tool to assess compliance with the CIS benchmark for various Kubernetes distributions\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/armosec/kubescape\"\u003ekubescape\u003c/a\u003e - Kubernetes security assessment tool\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/Shopify/kubeaudit\"\u003ekubeaudit\u003c/a\u003e - Kubernetes security assessment tool focusing on workload security\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/controlplaneio/kubesec\"\u003ekubesec\u003c/a\u003e - Kubernetes security assessment tool focusing on workload security\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/zegl/kube-score\"\u003ekubescore\u003c/a\u003e - Kubernetes security and reliability assessment tool focusing on workload security.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/raesene/eathar\"\u003eeathar\u003c/a\u003e - Kubernetes security assessment tool focusing on workload security and RBAC.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/derailed/popeye\"\u003epopeye\u003c/a\u003e - Kubernetes cluster scanner, looking for possible mis-configurations.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/mondoohq/cnspec\"\u003ecnspec\u003c/a\u003e - Assessment tool for multiple platforms including Docker and Kubernetes\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"kubernetes-penetration-testing-tools\"\u003e \u003ca href=\"#kubernetes-penetration-testing-tools\" class=\"anchor-heading\" aria-labelledby=\"kubernetes-penetration-testing-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Kubernetes Penetration Testing Tools \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/inguardians/peirates\"\u003epeirates\u003c/a\u003e - Kubernetes container breakout tool\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/quarkslab/kdigger\"\u003ekdigger\u003c/a\u003e - Kubernetes breakout/discovery tool\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/raesene/teisteanas\"\u003eteisteanas\u003c/a\u003e - Tool to create kubeconfig files based on the CertificateSigningRequest API.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/raesene/tocan\"\u003etòcan\u003c/a\u003e - Tool to create kubeconfig files based on the TokenRequest API.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/DataDog/managed-kubernetes-auditing-toolkit/\"\u003eMKAT\u003c/a\u003e - Managed Kubernetes Auditing Tool. Focuses on exploring security issues in managed Kubernetes (e.g. EKS)\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://kubehound.io/\"\u003eKubehound\u003c/a\u003e - KubeHound creates a graph of attack paths in a Kubernetes cluster\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/WithSecureLabs/IceKube\"\u003eIceKube\u003c/a\u003e - Kubernetes attack path evaluation tool.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/wiz-sec-public/namespacehound/\"\u003enamespacehound\u003c/a\u003e - Tool to test a cluster for possible namespace breakouts where multi-tenancy is in use.\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"kubelet-tools\"\u003e \u003ca href=\"#kubelet-tools\" class=\"anchor-heading\" aria-labelledby=\"kubelet-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Kubelet Tools \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/cyberark/kubeletctl\"\u003ekubeletctl\u003c/a\u003e - This is a good tool to automate the process of assessing a kubelet instance. If the instance is vulnerable it can also carry out some exploit tasks\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/raesene/kubelet_dumper\"\u003ekubelet dumper\u003c/a\u003e - PoC tool to dump Kubelet configurations for review.\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"etcd-tools\"\u003e \u003ca href=\"#etcd-tools\" class=\"anchor-heading\" aria-labelledby=\"etcd-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e etcd Tools \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/jpbetz/auger\"\u003eauger\u003c/a\u003e - Tool for decoding information pulled directly from the etcd database\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"security-observability-tools\"\u003e \u003ca href=\"#security-observability-tools\" class=\"anchor-heading\" aria-labelledby=\"security-observability-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Security Observability Tools \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/deepfence/ThreatMapper\"\u003eThreatMapper\u003c/a\u003e. Cloud + Container Security observability\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"training-tools\"\u003e \u003ca href=\"#training-tools\" class=\"anchor-heading\" aria-labelledby=\"training-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Training Tools \u003c/h3\u003e \u003cp\u003eIf you’re looking to practice with some of the tools here, in a safe environment, there are projects to help with that.\u003c/p\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/raesene/kube_security_lab\"\u003eKube Security Lab\u003c/a\u003e - Basic set of Kubernetes security scenarios implemented in Ansible with KinD\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/kubernetes-simulator/simulator\"\u003eKubernetes Simulator\u003c/a\u003e - AWS based Kubernetes cluster environment with different vulnerability scenarios\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/madhuakula/kubernetes-goat\"\u003eKubernetes Goat\u003c/a\u003e - Focuses on vulnerable deployments on top of an existing cluster. Also available on line \u003ca href=\"https://katacoda.com/madhuakula/scenarios/kubernetes-goat\"\u003ewith Katacoda\u003c/a\u003e\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/TremoloSecurity/k8s-idm-lab\"\u003eK8s-iam-lab\u003c/a\u003e - Kubernetes IAM Lab\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"kubernetes-honeypot-projects\"\u003e \u003ca href=\"#kubernetes-honeypot-projects\" class=\"anchor-heading\" aria-labelledby=\"kubernetes-honeypot-projects\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Kubernetes Honeypot projects \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/Zeerg/helix-honeypot\"\u003eHelix Honeypot\u003c/a\u003e - Kubernetes API server honeypot\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://blog.thinkst.com/2021/11/a-kubeconfig-canarytoken.html\"\u003eKubernetes Honeytokens\u003c/a\u003e - A honey token Canary for use with honeypots.\u003c/li\u003e \u003c/ul\u003e \u003ch3 id=\"kubernetes-security-improvement-tools\"\u003e \u003ca href=\"#kubernetes-security-improvement-tools\" class=\"anchor-heading\" aria-labelledby=\"kubernetes-security-improvement-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Kubernetes Security Improvement Tools \u003c/h3\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/kubernetes-sigs/security-profiles-operator\"\u003eSecurity Profiles Operator\u003c/a\u003e - Kubernetes operator for security profiles\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/aws-samples/hardeneks\"\u003ehardeneks\u003c/a\u003e - Tool to harden EKS clusters\u003c/li\u003e \u003c/ul\u003e \u003ch1 id=\"deprecatedunmaintained-tools\"\u003e \u003ca href=\"#deprecatedunmaintained-tools\" class=\"anchor-heading\" aria-labelledby=\"deprecatedunmaintained-tools\"\u003e\u003csvg viewBox=\"0 0 16 16\" aria-hidden=\"true\"\u003e\u003cuse xlink:href=\"#svg-link\"\u003e\u003c/use\u003e\u003c/svg\u003e\u003c/a\u003e Deprecated/Unmaintained Tools \u003c/h1\u003e \u003cp\u003eInevitably over time, some tools will become unmaintained and deprecated. Whilst they may still work ok, caution is needed. If I’ve listed you here and you’re not deprecated just open an issue to move it back :)\u003c/p\u003e \u003cul\u003e \u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/kube-hunter\"\u003ekube-hunter\u003c/a\u003e - Tool to test and exploit standard Kubernetes Security Vulnerabilities\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/aquasecurity/kubectl-who-can\"\u003ekubectl-who-can\u003c/a\u003e - Tool that lets you ask “who can” do things in RBAC, e.g. who can get secrets\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/corneliusweig/rakkess\"\u003erakkess\u003c/a\u003e - Shows the RBAC permissions available to a user as a list\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/team-soteria/rback\"\u003erback\u003c/a\u003e - tool for graphical representation of RBAC permissions in a kubernetes cluster\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/genuinetools/amicontained\"\u003eamicontained\u003c/a\u003e - will show you information about the container runtime and rights you have\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/nccgroup/ConMachi/\"\u003eConMachi\u003c/a\u003e - Pentester focused container attack surface assessment tool\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/brompwnie/botb\"\u003ebotb\u003c/a\u003e - Container breakout assessment tool. Can automatically exploit common issues like the Docker socket mount\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/antitree/keyctl-unmask\"\u003ekeyctl-unmask\u003c/a\u003e - Tool that specifically focuses on grabbing kernel keyring entries from containers that allow the keyctl syscall\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/nccgroup/go-pillage-registries\"\u003ego-pillage-registries\u003c/a\u003e - Tool to search the manifests and configuration for images in a registry for potentially sensitive information\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/genuinetools/reg\"\u003ereg\u003c/a\u003e - Tool for interacting with Container registries\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/P3GLEG/Whaler\"\u003eWhaler\u003c/a\u003e - Tool to reverse Docker images into Dockerfiles.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/PaloAltoNetworks/rbac-police\"\u003eRBAC Police\u003c/a\u003e - RBAC policy evaluation.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/vchinnipilli/kubestrike\"\u003ekubestrike\u003c/a\u003e - Security auditing tool for Kubernetes looks at Authenticated and unauthenticated scanning\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/Rolix44/Kubestroyer\"\u003ekubestroyer\u003c/a\u003e - Kubernetes pentesting tool.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/redhuntlabs/kubestalk\"\u003ekubestalk\u003c/a\u003e - Black Box Kubernetes Pentesting Tool.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/yasindce1998/KubeDagger\"\u003ekubedagger\u003c/a\u003e - Kubernetes offensive framework built in eBPF.\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/cyberark/kubesploit\"\u003ekubesploit\u003c/a\u003e - Kubesploit is a cross-platform post-exploitation HTTP/2 Command \u0026amp; Control server and agent written in Golang, focused on containerized environments\u003c/li\u003e \u003cli\u003e\u003ca href=\"https://github.com/Maddosaurus/k8spot\"\u003ek8spot\u003c/a\u003e - Kubernetes honeypot.\u003c/li\u003e \u003c/ul\u003e \u003c/main\u003e\n\n\n\n\u003cimg src=\"./art/HackingKubernetes0.jpg\" alt=\"logo\"\u003e\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbepb%2Fhackingkubernetes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbepb%2Fhackingkubernetes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbepb%2Fhackingkubernetes/lists"}