Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Bywalks/K8s-Mind-Map
K8S安全攻防思维导图 | Docker安全攻防思维导图
https://github.com/Bywalks/K8s-Mind-Map
Last synced: about 1 month ago
JSON representation
K8S安全攻防思维导图 | Docker安全攻防思维导图
- Host: GitHub
- URL: https://github.com/Bywalks/K8s-Mind-Map
- Owner: Bywalks
- Created: 2022-06-22T08:50:31.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-06-22T09:23:16.000Z (over 2 years ago)
- Last Synced: 2024-08-03T14:07:29.626Z (4 months ago)
- Homepage:
- Size: 1.35 MB
- Stars: 413
- Watchers: 5
- Forks: 26
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-hacking-lists - Bywalks/K8s-Mind-Map - K8S安全攻防思维导图 | Docker安全攻防思维导图 (Others)
README
# K8s-Mind-Map
K8S、Docker安全攻防思维导图。### Docker安全攻防 ###
![Docker安全攻防](./Docker安全攻防.png)
### Docker安全杂项 ###
![Docker安全杂项.png](./Docker安全杂项.png)
### K8S安全攻防 ###
![K8S安全攻防.png](./K8S安全攻防.png)
### K8S认证鉴权 ###
![K8S认证鉴权](./K8S认证鉴权.png)
### Reference ###
* [kubernetes集群渗透测试](https://www.freebuf.com/vuls/196993.html)
* [k8s渗透工具 - kube-hunter](https://github.com/aquasecurity/kube-hunter)
* [k8s渗透工具 - CDK](https://github.com/cdk-team/CDK)
* [服务网格](https://jimmysong.io/kubernetes-handbook/usecases/service-mesh.html)
* [k8s安全攻防 - etcd篇](https://javamana.com/2021/06/20210616193408465N.html)
* [A Methodology for Penetration Testing Docker Systems](https://www.cs.ru.nl/bachelors-theses/2020/Joren_Vrancken___4593847___A_Methodology_for_Penetration_Testing_Docker_Systems.pdf)
* [us-19-Edwards-Compendium-Of-Container-Escapes-up](https://i.blackhat.com/USA-19/Thursday/us-19-Edwards-Compendium-Of-Container-Escapes-up.pdf)
* [the-strange-case-of-how-we-escaped-the-docker-default-container](https://www.cyberark.com/resources/threat-research-blog/the-strange-case-of-how-we-escaped-the-docker-default-container)
* [kubernetes-pentest-methodology-part-3](https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3)
* [securing-kubernetes-clusters-by-eliminating-risky-permissions](https://www.cyberark.com/resources/threat-research-blog/securing-kubernetes-clusters-by-eliminating-risky-permissions)
* [RBAC Authorization](https://kubernetes.io/docs/reference/access-authn-authz/rbac/)
* [K8s渗透测试之kube-apiserver利用](https://www.cdxy.me/?p=839)
* [pentesting-kubernetes](https://book.hacktricks.xyz/pentesting/pentesting-kubernetes#discover-secrets-in-etcd)
* [CVE - KubernetesKubernetes](https://www.cvedetails.com/product/34016/KubernetesKubernetes.html?vendor_id=15867)
* [云上容器ATT&CK攻防矩阵](https://developer.aliyun.com/article/765449?groupCode=aliyunsecurity)
* [managing-secret-using-kubectl](https://kubernetes.io/zh/docs/tasks/configmap-secret/managing-secret-using-kubectl/)
* [11-ways-to-not-become-a-victim-of-hacking-in-Kubernetes](https://sudonull.com/post/13499-11-ways-to-not-become-a-victim-of-hacking-in-Kubernetes)
* [Metarget - 云原生攻防靶场](https://mp.weixin.qq.com/s?__biz=MzIyODYzNTU2OA==&mid=2247489415&idx=1&sn=4aea7b7ecff51710c79037ab07a889bc)
* [云基础知识](https://github.com/tom0li/collection-document#%E4%BA%91%E5%9F%BA%E7%A1%80%E7%9F%A5%E8%AF%86)