k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
☆301Aug 30, 2021Updated 4 years ago
Alternatives and similar repositories for k0otkit
Users that are interested in k0otkit are comparing it to the libraries listed below
Sorting:
- Metarget is a framework providing automatic constructions of vulnerable infrastructures.☆1,372Apr 16, 2025Updated 11 months ago
- awesome resources about cloud native security 🐿☆326Nov 4, 2023Updated 2 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,583Feb 23, 2026Updated 3 weeks ago
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆81Jul 23, 2021Updated 4 years ago
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆614Dec 29, 2021Updated 4 years ago
- [WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐☆3,151Nov 6, 2025Updated 4 months ago
- ☆16Jan 5, 2021Updated 5 years ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆779Feb 19, 2023Updated 3 years ago
- 阿里云ECS、策略组辅助小工具☆880Mar 2, 2023Updated 3 years ago
- Burp suite 分块传输辅助插件☆2,026Feb 23, 2022Updated 4 years ago
- 模拟Cobalt Strike�的Beacon与C2通信过程,实现了基于HTTP协议的Linux C2☆141Jun 25, 2020Updated 5 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- Java RCE 回显测试代码☆1,015Oct 15, 2020Updated 5 years ago
- TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.☆631Nov 30, 2022Updated 3 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆245May 8, 2019Updated 6 years ago
- A helpful Java Deserialization exploit framework.☆1,242Feb 17, 2025Updated last year
- WINDOWS TELEMETRY权限维持☆258Jul 2, 2020Updated 5 years ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- Kubernetes security notes and best practices☆729Apr 15, 2022Updated 3 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆712May 10, 2021Updated 4 years ago
- ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。☆1,634Jun 16, 2024Updated last year
- Kubernetes POC for utilizing write mount to /var/log for getting a root on the host☆100Nov 18, 2020Updated 5 years ago
- docker container escape check || Docker 容器逃逸检测☆652Apr 19, 2022Updated 3 years ago
- 一些Java RASP demo☆11Sep 26, 2019Updated 6 years ago
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,198Oct 17, 2023Updated 2 years ago
- 总结了20+.Net反序列化文章,持续更新☆749Apr 3, 2024Updated last year
- A Bypass Anti-virus Software Lateral Movement Command Execution Tool☆1,464Jan 20, 2025Updated last year
- Flask 内存马☆314Mar 26, 2021Updated 4 years ago
- Some payloads of JNDI Injection in JDK 1.8.0_191+☆484Dec 9, 2020Updated 5 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆270Mar 4, 2022Updated 4 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser…☆2,606Mar 9, 2026Updated last week
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- JNDI服务利用工具 RMI/LDAP,支持部分场景回显、内存shell,高版本JDK场景下利用等,fastjson rce命令执行,log4j rce命令执行 漏洞检测辅助工具☆2,014May 21, 2024Updated last year
- Hyuga is a tool for monitoring Out-of-Band (OOB) traffic, supporting DNS, HTTP, LDAP, RMI, and DNS-Rebinding。🪤☆538Dec 27, 2025Updated 2 months ago
- 六大云存储,泄露利用检测工具☆1,245Mar 28, 2025Updated 11 months ago
- 基于亚马逊S3\阿里云OSS\腾讯COS通信隧道的远程管理工具☆328Oct 10, 2020Updated 5 years ago
- veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集☆1,646Jan 10, 2024Updated 2 years ago
- 红队作战中比较常遇到的一些重点系统漏洞整理。☆2,521Jul 17, 2021Updated 4 years ago
- a webshell resides in the memory of java web server☆700Jun 26, 2018Updated 7 years ago