https://github.com/Kloudle/attacking-and-auditing-docker-containers-and-kubernetes-clusters-training

https://github.com/Kloudle/attacking-and-auditing-docker-containers-and-kubernetes-clusters-training

Last synced: 3 months ago
JSON representation

• Host: GitHub
• URL: https://github.com/Kloudle/attacking-and-auditing-docker-containers-and-kubernetes-clusters-training
• Owner: Kloudle
• License: mit
• Created: 2021-03-31T17:57:29.000Z (over 3 years ago)
• Default Branch: main
• Last Pushed: 2021-03-31T18:04:19.000Z (over 3 years ago)
• Last Synced: 2024-02-15T11:33:29.836Z (9 months ago)
• Language: Shell
• Size: 7.16 MB
• Stars: 11
• Watchers: 4
• Forks: 6
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: MIT-LICENSE.txt

Awesome Lists containing this project

• awesome-k8s-security - Attacking and Auditing Docker Containers and Kubernetes Clusters

README

        
# Attacking and Auditing Docker Containers and Kubernetes Clusters

![Attacking and Auditing Docker Containers and Kubernetes Clusters](github-images/k8s-docker-github-background.png)

## Introduction

The world is changing right in front of our eyes. The way we have been learning is going to be radically transformed by the time we all have eradicated COVID19 from our lives.

While we figure out what is the best way to transfer our knowledge to you, we realise that by the time world is out of the lockdown, a docker and kubernetes focussed pentesting training is likely going to be obsolete in parts.

So as a contribution towards the greater security community, we decided to open source the training.

Hope you enjoy this release and come back to us with questions, comments, feedback, new ideas or anything else that you want to let us know! Looking forward to hacking with all of you!

## Description

An organisation using microservices or any other distributed architecture rely heavily on containers and container orchestration engines like Kubernetes and as such its infrastructure security is paramount to its business operations.

This course will set the base for security testers and DevOps teams to test for common security vulnerabilities and configuration weaknesses across containerised environments and distributed systems. It also helps to understand approach and process to audit the Kubernetes environment for security posture.

The courseware is meant to introduce participants to container and cluster management with Kubernetes.

* The focus is on the security aspects of application and the container infrastructure

* The participants will learn the common tools and techniques that are used to attack applications running in containerized environments

* The participants will be introduced to Kubernetes and learn to assess the attack surfaces applicable for a given application on the cluster

* The participants will learn how to audit for security based on best practices using tools and custom scripts

## About this Repo

This repo contains all the material from our 3 day hands on training that we have delivered at security conferences and to our numerous clients.

The training requires following components

1. Lab manual (Documentation)

2. Docker Lab virtual machines

3. Intentionally vulnerable Kubernetes cluster (Google Cloud)

| Content       | Description                                                                 |

| ------------- | --------------------------------------------------------------------------- |

| `mdbook`      | Complete documentation for training                                         |

| `infra-setup` | Scripts for setting up vulnerable Kubernetes infrastructure in Google Cloud |

## Getting Started

1. Clone this repo

2. Start the mdBook server

3. Follow the mdbook

### Starting mdBook Server

* Install `mdbook` with `cargo` using below command. Also binaries and other methods of installation can be found at [mdBook docs](https://github.com/rust-lang/mdBook)

```

cargo install mdbook

```

* Start mdBook to serve locally

```

cd mdbook && mdbook serve

```

* Navigate to `http://localhost:3000`

## License

* Documentation and mdbook are released under [Creative Commons Attribution Share Alike 4.0 International](CC-BY-SA-LICENSE.txt)

* Lab material including any code, script are release under [MIT License](MIT-LICENSE.txt)

## About Kloudle

Kloudle is a Cloud-Native Security monitoring SaaS platform that provides visibility into your cloud environments and provides security assurance to its customers.

* https://kloudle.com

* https://kloudle.com/blog