Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Bywalks/K8s-Mind-Map

K8S安全攻防思维导图 | Docker安全攻防思维导图
https://github.com/Bywalks/K8s-Mind-Map

Last synced: about 1 month ago
JSON representation

K8S安全攻防思维导图 | Docker安全攻防思维导图

Awesome Lists containing this project

README

        

# K8s-Mind-Map
K8S、Docker安全攻防思维导图。

### Docker安全攻防 ###

![Docker安全攻防](./Docker安全攻防.png)

### Docker安全杂项 ###

![Docker安全杂项.png](./Docker安全杂项.png)

### K8S安全攻防 ###

![K8S安全攻防.png](./K8S安全攻防.png)

### K8S认证鉴权 ###

![K8S认证鉴权](./K8S认证鉴权.png)

### Reference ###
* [kubernetes集群渗透测试](https://www.freebuf.com/vuls/196993.html)
* [k8s渗透工具 - kube-hunter](https://github.com/aquasecurity/kube-hunter)
* [k8s渗透工具 - CDK](https://github.com/cdk-team/CDK)
* [服务网格](https://jimmysong.io/kubernetes-handbook/usecases/service-mesh.html)
* [k8s安全攻防 - etcd篇](https://javamana.com/2021/06/20210616193408465N.html)
* [A Methodology for Penetration Testing Docker Systems](https://www.cs.ru.nl/bachelors-theses/2020/Joren_Vrancken___4593847___A_Methodology_for_Penetration_Testing_Docker_Systems.pdf)
* [us-19-Edwards-Compendium-Of-Container-Escapes-up](https://i.blackhat.com/USA-19/Thursday/us-19-Edwards-Compendium-Of-Container-Escapes-up.pdf)
* [the-strange-case-of-how-we-escaped-the-docker-default-container](https://www.cyberark.com/resources/threat-research-blog/the-strange-case-of-how-we-escaped-the-docker-default-container)
* [kubernetes-pentest-methodology-part-3](https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3)
* [securing-kubernetes-clusters-by-eliminating-risky-permissions](https://www.cyberark.com/resources/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions)
* [RBAC Authorization](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
* [K8s渗透测试之kube-apiserver利用](https://www.cdxy.me/?p=839)
* [pentesting-kubernetes](https://book.hacktricks.xyz/pentesting/pentesting-kubernetes#discover-secrets-in-etcd)
* [CVE - KubernetesKubernetes](https://www.cvedetails.com/product/34016/KubernetesKubernetes.html?vendor_id=15867)
* [云上容器ATT&CK攻防矩阵](https://developer.aliyun.com/article/765449?groupCode=aliyunsecurity)
* [managing-secret-using-kubectl](https://kubernetes.io/zh/docs/tasks/configmap-secret/managing-secret-using-kubectl/)
* [11-ways-to-not-become-a-victim-of-hacking-in-Kubernetes](https://sudonull.com/post/13499-11-ways-to-not-become-a-victim-of-hacking-in-Kubernetes)
* [Metarget - 云原生攻防靶场](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247489415&idx=1&sn=4aea7b7ecff51710c79037ab07a889bc)
* [云基础知识](https://github.com/tom0li/collection-document#%E4%BA%91%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86)