The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Refer to https://madhuakula.com/kubernetes-goat for the guide.
Show us somePlease feel free to send us a PR and show some
Upcoming Training's and Sessions
DEFCON DEMO Labs
Cloud Village - DEFCON
Recent Kubernetes Goat Presentations
OWASP Bay Area Meetup
DEFCON Red Team Village
Just click and Play in the browser for free using Katacoda Playground - Try now
https://katacoda.com/madhuakula/scenarios/kubernetes-goat
Setting up Kubernetes Goat
- Before we set up the Kubernetes Goat, ensure that you have created and have admin access to the Kubernetes cluster
kubectl version --short- Set up the helm version 2 in your path as
helm2. Refer to helm releases for more information about setup
helm2 --help- Then finally setup Kubernetes Goat by running the following command
git clone https://github.com/madhuakula/kubernetes-goat.git
cd kubernetes-goat
bash setup-kubernetes-goat.sh- To export the ports/services locally to start learning, run the following command
bash access-kubernetes-goat.shKubernetes Goat - KIND setup
- If you want to setup Kubernetes Goat using KIND, refer to kind-setup
- Sensitive keys in code-bases
- DIND (docker-in-docker) exploitation
- SSRF in K8S world
- Container escape to access host system
- Docker CIS Benchmarks analysis
- Kubernetes CIS Benchmarks analysis
- Attacking private registry
- NodePort exposed services
- Helm v2 tiller to PwN the cluster
- Analysing crypto miner container
- Kubernetes Namespaces bypass
- Gaining environment information
- DoS the memory/CPU resources
- Hacker Container preview
- Hidden in layers
- RBAC Least Privileges Misconfiguration
- KubeAudit - Audit Kubernetes Clusters
- Sysdig Falco - Runtime Security Monitoring & Detection
- Popeye - A Kubernetes Cluster Sanitizer
- Secure network boundaries using NSP
Disclaimer
Kubernetes Goat creates intentionally vulnerable resources into your cluster. DO NOT deploy Kubernetes Goat in a production environment or alongside any sensitive cluster resources.
Kubernetes Goat comes with absolutely no warranties whatsoever. By using Kubernetes Goat, you take full responsibility for all outcomes that result.
You may be interested in:
>> Is a Chromebook worth replacing a Windows laptop?
>> Find out in detail the outstanding features of Google Pixel 4a
>> Top 7 best earbuds you should not miss
Related Posts:
>> Recognizing 12 Basic Body Shapes To Choose Better Clothes
>>Ranking the 10 most used smart technology devices
>> Top 5+ Best E-readers: Compact & Convenient Pen
0 Comments:
Post a Comment