Nov 18, 2021 - 8:30 p.m.

Kubernetes-Goat - Is A "Vulnerable By Design" Kubernetes Cluster. Designed To Be An Intentionally Vulnerable Cluster Environment To Learn And Practice Kubernetes Security

www.kitploit.com

The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Refer to <https://madhuakula.com/kubernetes-goat> for the guide.

**Show us some **

Please feel free to send us a PR and show some

**Upcoming Trainings and Sessions**

DEFCON DEMO Labs

Cloud Village - DEFCON

Recent Kubernetes Goat Presentations

OWASP Bay Area Meetup

DEFCON Red Team Village

**Just click and play in the browser for free using Katacoda Playground - Try now**

<https://katacoda.com/madhuakula/scenarios/kubernetes-goat>

**Setting up Kubernetes Goat**

Kubernetes Goat - KIND setup

  • If you want to set up Kubernetes Goat using KIND, refer to kind-setup

**Scenarios**

  1. Sensitive keys in code-bases
  2. DIND (docker-in-docker) exploitation
  3. SSRF in K8S world
  4. Container escape to access host system
  5. Docker CIS Benchmarks analysis
  6. Kubernetes CIS Benchmarks analysis
  7. Attacking private registry
  8. NodePort exposed services
  9. Helm v2 tiller to PwN the cluster
  10. Analysing crypto miner container
  11. Kubernetes Namespaces bypass
  12. Gaining environment information
  13. DoS the memory/CPU resources
  14. Hacker Container preview
  15. Hidden in layers
  16. RBAC Least Privileges Misconfiguration
  17. KubeAudit - Audit Kubernetes Clusters
  18. Sysdig Falco - Runtime Security Monitoring & Detection
  19. Popeye - A Kubernetes Cluster Sanitizer
  20. Secure network boundaries using NSP


**Disclaimer**

> Kubernetes Goat creates intentionally vulnerable resources into your cluster. DO NOT deploy Kubernetes Goat in a production environment or alongside any sensitive cluster resources.

> Kubernetes Goat comes with absolutely no warranties whatsoever. By using Kubernetes Goat, you take full responsibility for all outcomes that result.
