awesome-cloud-native-security
awesome resources about cloud native security 🐿
https://github.com/Metarget/awesome-cloud-native-security
Last synced: 7 days ago
JSON representation
-
1 Offensive
-
1.6 Service Mesh
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Attack in a Service Mesh (CIS 2020)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
- Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13)
-
1.7 API Gateway
-
1.8 Windows Containers
- Well, That Escalated Quickly! How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in The Hypervisor via Shadow Containers (Black Hat 2017)
- Well, That Escalated Quickly! (Whitepaper)
- What I Learned from Reverse Engineering Windows Containers (2019-12-12)
- Windows Server Containers Are Open, and Here's How You Can Break Out (2020-07-15)
- PoC by James Forshaw (the author of post *Who Contains the Containers?*)
- Who Contains the Containers? (Project Zero, 2021-04-01)
-
1.9 Tools
- Introduction to kdigger
- kube-hunter - Hunt for security weaknesses in Kubernetes clusters
- serverless_toolkit - A collection of useful Serverless functions I use when pentesting
- kubesploit
- kubeletmein - Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers
- CDK - Zero Dependency Container Penetration Toolkit
- red-kube - Red Team K8S Adversary Emulation Based on kubectl
- whoc - A container image that extracts the underlying container runtime
- kdigger - A context discovery tool for Kubernetes penetration testing
- Zero Dependency Container Penetration Toolkit (Blackhat 2021)
- CDK: Also a Awesome BugBounty Tool for Cloud Platform (WHC 2021)
- Metarget - framework providing automatic constructions of vulnerable infrastructures
-
-
2 Defensive
-
2.1 Standards and Benchmarks
- NIST.SP.800-190 Application Container Security Guide (2017-09-25)
- NIST.IR.8176 Security Assurance Requirements for Linux Application Container Deployments (2017-10)
- CIS Docker Benchmark
- NIST.SP.800-204 Security Strategies for Microservices-based Application Systems (2019-08)
- NIST.SP.800-204B Attribute-based Access Control for Microservices-based Applications Using a Service Mesh (2021-08)
- OWASP Container Security Verification Standard
- CIS Kubernetes Benchmark
-
2.2 Kubernetes
-
2.3 Container
- 探索Sysdig Falco:容器环境下的异常行为检测工具 (2019-09-25)
- 云原生之容器安全实践 (2020-03-12)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- Detecting a Container Escape with Cilium and eBPF
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- 容器环境相关的内核漏洞缓解技术 (2020-08-31)
- Detecting a Container Escape with Cilium and eBPF
-
2.4 Secure Container
- Making Containers More Isolated: An Overview of Sandboxed Container Technologies (2019-06-06)
- 深度解析 AWS Firecracker 原理篇 – 虚拟化与容器运行时技术 (2019-12-09)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
- 以Docker为代表的传统容器到了生死存亡之际 (2019-12-24)
- Kata Containers创始人:安全容器导论 (2019-12-26)
-
2.5 Network
-
2.6 Practices
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
- 国外顶尖容器安全产品是怎么做的 (2020-12-04)
- 云原生|容器和应用安全运营实践思考 (2021-09-07)
-
2.7 Tools
- Bypass Falco (2020-11-20)
- Detecting MITRE ATT&CK: Defense evasion techniques with Falco (2021-02-02)
- cnspec - cloud-native security and policy project
- docker-bench-security
- kube-bench
- KubiScan
- Falco
- Elkeid - Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture
- veinmind-tools
- kubescape - kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA
- Detecting MITRE ATT&CK: Defense evasion techniques with Falco (2021-02-02)
- Detecting MITRE ATT&CK: Privilege escalation with Falco (2021-03-02)
-
-
3 Incidents
-
2.7 Tools
- Lessons from the Cryptojacking Attack at Tesla (2018-02-20)
- Graboid: First-Ever Cryptojacking Worm Found in Images on Docker Hub (2019-10-15)
- Detect large-scale cryptocurrency mining attack against Kubernetes clusters (2020-04-08)
- Coinminer, DDoS Bot Attack Docker Daemon Ports (2020-05-06)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- Cetus: Cryptojacking Worm Targeting Docker Daemons (2020-08-27)
- Black-T: New Cryptojacking Variant from TeamTNT (2020-10-05)
- TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger (2020-12-18)
- Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes (2021-02-03)
- TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack (2021-05-25)
- Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group (2021-06)
- TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations (2021-06-04)
- TeamTNT with new campaign aka "Chimaera" (2021-09-08)
- Team TNT Deploys Malicious Docker Image On Docker Hub (2021-10-07)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- Compromised Docker Hub Accounts Abused for Cryptomining Linked to TeamTNT (2021-11-09)
- Misconfigured Kubeflow workloads are a security risk (2020-06-10)
- 鉴权配置不当,蠕虫在自建K8s集群自由出入 (2020-09-16)
- Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments (2021-06-07)
- NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign (2021-07-01)
- Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments (2021-07)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- Misconfigured Kafdrop Puts Companies’ Apache Kafka Completely Exposed (2021-12-06)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- TeamTNT with new campaign aka "Chimaera" (2021-09-08)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- TeamTNT with new campaign aka "Chimaera" (2021-09-08)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- Team TNT – The First Crypto-Mining Worm to Steal AWS Credentials (2020-08-16)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
- 再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20)
- DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30)
-
-
Uncategorized
-
Uncategorized
-
Sub Categories
Keywords
kubernetes
8
security
7
containers
4
container-security
4
cloud-native
3
kubernetes-security
3
penetration-testing-tools
2
vulnerabilities
2
docker
2
cloud-native-security
2
agent
1
rasp
1
linux-security
1
hids
1
edr
1
cwpp
1
rbac
1
conjbot
1
authorization
1
openshift
1
penetration
1
kube-bench
1
cis-security
1
cis-kubernetes-benchmark
1
cis-benchmark
1
privilege-escalation
1
runtime-security
1
checklist
1
devsecops
1
falco
1
ebpf
1
requirments
1
cncf-project
1
cncf
1
kubelet
1
hacktools
1
exploits
1
container-escape
1
container
1
hitb
1
blackhat
1
tool
1
pentest
1
image-security
1
k8s
1
containerd
1
k8s-penetration-toolkit
1
cloud-security
1
kernel-exploitation
1
kubernetes-clusters
1