Forwarded from Reconshell
Kubei - Kubernetes Runtime Vulnerabilities Scanner
#Kubernetes #Vulnerabilities #Scanner #Kubei
https://reconshell.com/kubei-kubernetes-runtime-vulnerabilities-scanner/
#Kubernetes #Vulnerabilities #Scanner #Kubei
https://reconshell.com/kubei-kubernetes-runtime-vulnerabilities-scanner/
Penetration Testing Tools, ML and Linux Tutorials
Kubei - Kubernetes Runtime Vulnerabilities Scanner - Penetration Testing Tools, ML and Linux Tutorials
Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more
> kubectl get secrets
> kubectl get secret {mysecret} -o json | jq '.data'
{
"api-key": "c2VjcmV0LWFwaS1rZXk=",
"password": "c2VjcmV0LXBhc3N3b3Jk"
}
You need the the eks:DescribeCluster and eks:ListClusters AWS Identity and Access Management (IAM) policy, which allows you to list all of the Amazon EKS clusters in your AWS account.
AWS Policy example
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"eks:DescribeCluster",
"eks:ListClusters"
],
"Resource": "*"
}
]
}
> aws eks list-clusters
> aws eks update-kubeconfig --name {name}
> gcloud container clusters list
> gcloud container clusters get-credentials <CLUSTER_NAME>
> az aks list
> az group list
> az aks get-credentials --name <CLUSTER_NAME> --resource-group <RESOURCE_GROUP_NAME>
#kubernetes
> kubectl get secret {mysecret} -o json | jq '.data'
{
"api-key": "c2VjcmV0LWFwaS1rZXk=",
"password": "c2VjcmV0LXBhc3N3b3Jk"
}
You need the the eks:DescribeCluster and eks:ListClusters AWS Identity and Access Management (IAM) policy, which allows you to list all of the Amazon EKS clusters in your AWS account.
AWS Policy example
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"eks:DescribeCluster",
"eks:ListClusters"
],
"Resource": "*"
}
]
}
> aws eks list-clusters
> aws eks update-kubeconfig --name {name}
> gcloud container clusters list
> gcloud container clusters get-credentials <CLUSTER_NAME>
> az aks list
> az group list
> az aks get-credentials --name <CLUSTER_NAME> --resource-group <RESOURCE_GROUP_NAME>
#kubernetes
#kubernetes #full #will_be_updated
Interesting talks:
1) https://www.youtube.com/watch?v=vTgQLzeBfRU&t=2119s
2) https://www.youtube.com/watch?v=fVqCAUJiIn0&t=1637s
3) https://www.youtube.com/watch?v=dxKpCO2dAy8
4) Kubernetes Goat - https://youtu.be/5ojho4L6Xfo
5) На русском: https://youtu.be/MwVXWU324XY
6) https://youtu.be/Ek1oaGwfli0
7) https://youtu.be/PZBLOCSmeiA
8) https://youtu.be/JoLgVBTc73c
9) https://youtu.be/LtCx3zZpOfs
10) https://youtu.be/UdMFTdeAL1s
11) https://youtu.be/xDj4_ZI1Y9A
12) https://youtu.be/iD_klswHJQs
13) https://youtu.be/1w_t6mOaOq4
· https://microsoft.github.io/Threat-Matrix-for-Kubernetes/
· https://infosecwriteups.com/attacking-kubernetes-part-1-9192886b09c5
· https://labs.withsecure.com/publications/attacking-kubernetes-through-kubelet
· https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1
· https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2
· https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3
· https://lobuhisec.medium.com/kubernetes-pentest-recon-checklist-tools-and-resources-30d8e4b69463
· https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/
· https://cloudsecdocs.com/container_security/offensive/
· https://tbhaxor.com/container-breakout-part-1/
· https://habr.com/ru/company/flant/blog/465141/
· https://habr.com/ru/company/southbridge/blog/655409/
· https://habr.com/ru/company/southbridge/blog/507656/
· https://github.com/g3rzi/HackingKubernetes
· https://gitlab.com/pentest-tools/PayloadsAllTheThings/-/tree/master/Kubernetes
https://www.microsoft.com/en-us/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/
https://t.me/k8security/756
Course Youtube:
· https://www.youtube.com/@MrIntern/videos
· https://youtu.be/W1eiMWGZwKo
· https://www.youtube.com/@learnwithgvr
· https://www.youtube.com/@learnwithggs6888
HTB:
· https://0xdf.gitlab.io/2021/09/04/htb-unobtainium.html
· https://0xdf.gitlab.io/2022/02/14/htb-steamcloud.html
Goat:
· https://madhuakula.com/kubernetes-goat/
· https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/
CloudTricks:
· https://cloud.hacktricks.xyz/pentesting-cloud/
CTF:
· https://hackernoon.com/capturing-all-the-flags-in-bsidessf-ctf-by-pwning-our-infrastructure-3570b99b4dd0
Tools:
https://github.com/inguardians/peirates
https://github.com/cdk-team/CDK
https://github.com/cyberark/kubesploit
https://github.com/aquasecurity/kube-hunter
https://github.com/aquasecurity/kube-bench
https://github.com/quarkslab/kdigger
https://github.com/kubescape/kubescape
https://github.com/controlplaneio/kubesec
https://github.com/brompwnie/botb
https://github.com/ctrsploit/ctrsploit
https://github.com/dev-sec/cis-kubernetes-benchmark
https://github.com/dev-sec/cis-docker-benchmark
https://github.com/deepfence/SecretScanner
https://github.com/GitGuardian/ggshield
https://github.com/hadolint/hadolint
https://github.com/goodwithtech/dockle
https://github.com/aquasecurity/trivy
https://github.com/stealthcopter/deepce
https://github.com/Ullaakut/Gorsair
https://github.com/anchore/grype
https://github.com/liamg/traitor
https://github.com/chen-keinan/kube-beacon
https://github.com/cyberark/kubernetes-rbac-audit
Interesting talks:
1) https://www.youtube.com/watch?v=vTgQLzeBfRU&t=2119s
2) https://www.youtube.com/watch?v=fVqCAUJiIn0&t=1637s
3) https://www.youtube.com/watch?v=dxKpCO2dAy8
4) Kubernetes Goat - https://youtu.be/5ojho4L6Xfo
5) На русском: https://youtu.be/MwVXWU324XY
6) https://youtu.be/Ek1oaGwfli0
7) https://youtu.be/PZBLOCSmeiA
8) https://youtu.be/JoLgVBTc73c
9) https://youtu.be/LtCx3zZpOfs
10) https://youtu.be/UdMFTdeAL1s
11) https://youtu.be/xDj4_ZI1Y9A
12) https://youtu.be/iD_klswHJQs
13) https://youtu.be/1w_t6mOaOq4
· https://microsoft.github.io/Threat-Matrix-for-Kubernetes/
· https://infosecwriteups.com/attacking-kubernetes-part-1-9192886b09c5
· https://labs.withsecure.com/publications/attacking-kubernetes-through-kubelet
· https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1
· https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2
· https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3
· https://lobuhisec.medium.com/kubernetes-pentest-recon-checklist-tools-and-resources-30d8e4b69463
· https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/
· https://cloudsecdocs.com/container_security/offensive/
· https://tbhaxor.com/container-breakout-part-1/
· https://habr.com/ru/company/flant/blog/465141/
· https://habr.com/ru/company/southbridge/blog/655409/
· https://habr.com/ru/company/southbridge/blog/507656/
· https://github.com/g3rzi/HackingKubernetes
· https://gitlab.com/pentest-tools/PayloadsAllTheThings/-/tree/master/Kubernetes
https://www.microsoft.com/en-us/security/blog/2021/03/23/secure-containerized-environments-with-updated-threat-matrix-for-kubernetes/
https://t.me/k8security/756
Course Youtube:
· https://www.youtube.com/@MrIntern/videos
· https://youtu.be/W1eiMWGZwKo
· https://www.youtube.com/@learnwithgvr
· https://www.youtube.com/@learnwithggs6888
HTB:
· https://0xdf.gitlab.io/2021/09/04/htb-unobtainium.html
· https://0xdf.gitlab.io/2022/02/14/htb-steamcloud.html
Goat:
· https://madhuakula.com/kubernetes-goat/
· https://madhuakula.com/content/attacking-and-auditing-docker-containers-using-opensource/
CloudTricks:
· https://cloud.hacktricks.xyz/pentesting-cloud/
CTF:
· https://hackernoon.com/capturing-all-the-flags-in-bsidessf-ctf-by-pwning-our-infrastructure-3570b99b4dd0
Tools:
https://github.com/inguardians/peirates
https://github.com/cdk-team/CDK
https://github.com/cyberark/kubesploit
https://github.com/aquasecurity/kube-hunter
https://github.com/aquasecurity/kube-bench
https://github.com/quarkslab/kdigger
https://github.com/kubescape/kubescape
https://github.com/controlplaneio/kubesec
https://github.com/brompwnie/botb
https://github.com/ctrsploit/ctrsploit
https://github.com/dev-sec/cis-kubernetes-benchmark
https://github.com/dev-sec/cis-docker-benchmark
https://github.com/deepfence/SecretScanner
https://github.com/GitGuardian/ggshield
https://github.com/hadolint/hadolint
https://github.com/goodwithtech/dockle
https://github.com/aquasecurity/trivy
https://github.com/stealthcopter/deepce
https://github.com/Ullaakut/Gorsair
https://github.com/anchore/grype
https://github.com/liamg/traitor
https://github.com/chen-keinan/kube-beacon
https://github.com/cyberark/kubernetes-rbac-audit
YouTube
Hacking and Hardening Kubernetes Clusters by Example [I] - Brad Geesaman, Symantec
Hacking and Hardening Kubernetes Clusters by Example [I] - Brad Geesaman, Symantec
While Kubernetes offers new and exciting ways to deploy and scale container-based workloads in production, many organizations may not be aware of the security risks inherent…
While Kubernetes offers new and exciting ways to deploy and scale container-based workloads in production, many organizations may not be aware of the security risks inherent…