Red Team K8S Adversary Emulation Based on kubectl
Red Kube is a collection of kubectl commands for use in k8s penetration testing or k8s security audits. The project helps you view your Kubernetes security posture from the attacker's perspective by leveraging the extensive capabilities of kubectl and Linux commands.
Each command is either active or passive and is mapped to the MITRE ATT&CK Matrix.
The project uses python3 to orchestrate running the commands on Linux.
Warning: You should NOT use red-kube commands on a Kubernetes cluster that you don’t own!
Commands by MITRE ATT&CK Tactics
Tactic | Count |
---|---|
Reconnaissance | 2 |
Initial Access | 0 |
Execution | 0 |
Persistence | 2 |
Privilege Escalation | 4 |
Defense Evasion | 1 |
Credential Access | 8 |
Discovery | 15 |
Lateral Movement | 0 |
Collection | 1 |
Command and Control | 2 |
Exfiltration | 1 |
Impact | 0 |
Install
Copyright (C) 2020 azarzar15