kubernetes goat v2.2 releases: “Vulnerable by Design” Kubernetes Cluster
Kubernetes Goat
The Kubernetes Goat designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
🏁 Scenarios
- Sensitive keys in codebases
- DIND (docker-in-docker) exploitation
- SSRF in the Kubernetes (K8S) world
- Container escape to the host system
- Docker CIS benchmarks analysis
- Kubernetes CIS benchmarks analysis
- Attacking private registry
- NodePort exposed services
- Helm v2 tiller to PwN the cluster – [Deprecated]
- Analyzing crypto miner container
- Kubernetes namespaces bypass
- Gaining environment information
- DoS the Memory/CPU resources
- Hacker container preview
- Hidden in layers
- RBAC least privileges misconfiguration
- KubeAudit – Audit Kubernetes clusters
- Falco – Runtime security monitoring & detection
- Popeye – A Kubernetes cluster sanitizer
- Secure network boundaries using NSP
Changelog v2.2
- Corrected the Version_id by @hexachordanu in #68
- Update why.md by @malwareowl in #77
- Minor spelling and a wording change. by @phpsystems in #76
- Update scenario-20.md by @malwareowl in #75
- Update scenario-2.md by @phpsystems in #72
- Update README.md by @malwareowl in #73
- Update scenario-3.md by @phpsystems in #74
- Update scenario-19.md by @malwareowl in #78
- Update scenario-4.md by @malwareowl in #79
- Change Content-Type suggestion by @adamhurm in #82
- Duct tape fix for broken gotty arm binary by @ravenium in #83
- make setup-kubernetes-goat.sh executable by @AmeerAssadi in #88
- Bump express from 4.17.1 to 4.17.3 in /infrastructure/internal-api/code by @dependabot in #90
- Bump qs and body-parser in /infrastructure/internal-api/code by @dependabot in #92
- fix scenarios/kube-bench-security run error. by @bzd111 in #91
- Add How to Run doc for AWS and fix SSRF scenario pod by @suneshgovind in #94
- updated the docs docusaurus configs and metadata by @madhuakula in #98
- Fixed broken links by @madhuakula in #99
- fix broken links by @madhuakula in #100
- Added Scenario-21 Cilium Tetragon – eBPF-based Security Observability and Runtime Enforcement by @madhuakula in #101
Install & Use
Copyright (c) 2020 Madhu Akula