k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
☆301Aug 30, 2021Updated 4 years ago
Alternatives and similar repositories for k0otkit
Users that are interested in k0otkit are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Metarget is a framework providing automatic constructions of vulnerable infrastructures.☆1,394Apr 16, 2025Updated last year
- awesome resources about cloud native security 🐿☆328Nov 4, 2023Updated 2 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,670May 1, 2026Updated last month
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆81Jul 23, 2021Updated 4 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- [WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐☆3,161Nov 6, 2025Updated 7 months ago
- ☆16Jan 5, 2021Updated 5 years ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆777Feb 19, 2023Updated 3 years ago
- 阿里云ECS、策略组辅助小工具☆882Mar 2, 2023Updated 3 years ago
- Burp suite 分块传输辅助插件☆2,034Feb 23, 2022Updated 4 years ago
- 模拟Cobalt Strike的Beacon与C2通信过程,实现了基于HTTP协议的Linux C2☆141Jun 25, 2020Updated 5 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- Java RCE 回显测试代码☆1,013Oct 15, 2020Updated 5 years ago
- TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.☆637Nov 30, 2022Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆244May 8, 2019Updated 7 years ago
- A helpful Java Deserialization exploit framework.☆1,240Feb 17, 2025Updated last year
- WINDOWS TELEMETRY权限维持☆258Jul 2, 2020Updated 5 years ago
- Kubernetes security notes and best practices☆731Apr 15, 2022Updated 4 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆457Mar 24, 2022Updated 4 years ago
- Kubernetes POC for utilizing write mount to /var/log for getting a root on the host☆100Nov 18, 2020Updated 5 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆714May 10, 2021Updated 5 years ago
- ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。☆1,647Jun 16, 2024Updated last year
- docker container escape check || Docker 容器逃逸检测☆662Apr 19, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 一些Java RASP demo☆11Sep 26, 2019Updated 6 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,195Oct 17, 2023Updated 2 years ago
- 总结了20+.Net反序列化文章,持续更新☆746Apr 3, 2024Updated 2 years ago
- A Bypass Anti-virus Software Lateral Movement Command Execution Tool☆1,465Jan 20, 2025Updated last year
- Flask 内存马☆314Mar 26, 2021Updated 5 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆483Dec 9, 2020Updated 5 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆272Mar 4, 2022Updated 4 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser…☆2,641May 11, 2026Updated 3 weeks ago
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Hyuga is a tool for monitoring Out-of-Band (OOB) traffic, supporting DNS, HTTP, LDAP, RMI, and DNS-Rebinding。🪤☆540Dec 27, 2025Updated 5 months ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,018May 21, 2024Updated 2 years ago
- 基于亚马逊S3\阿里云OSS\腾讯COS通信隧道的远程管理工具☆328Oct 10, 2020Updated 5 years ago
- 六大云存储,泄露利用检测工具☆1,258Mar 28, 2025Updated last year
- veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集☆1,648Jan 10, 2024Updated 2 years ago
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,518Jul 17, 2021Updated 4 years ago
- CVE-2021-3156非交互式执行命令☆204Feb 9, 2021Updated 5 years ago