k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.
☆301Aug 30, 2021Updated 4 years ago
Alternatives and similar repositories for k0otkit
Users that are interested in k0otkit are comparing it to the libraries listed below
Sorting:
- Metarget is a framework providing automatic constructions of vulnerable infrastructures.☆1,369Apr 16, 2025Updated 10 months ago
- awesome resources about cloud native security 🐿☆323Nov 4, 2023Updated 2 years ago
- 📦 Make security testing of K8s, Docker, and Containerd easier.☆4,562Updated this week
- (周瑜)Java - SpringBoot 持久化 WebShell(不仅仅是SpringBoot,适合任何符合JavaEE规范的服务)☆615Dec 29, 2021Updated 4 years ago
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆81Jul 23, 2021Updated 4 years ago
- [WIP] 整理过去我和K8s、容器、虚拟化相关的分享 🧐☆3,146Nov 6, 2025Updated 3 months ago
- 阿里云ECS、策略组辅助小工具☆881Mar 2, 2023Updated 2 years ago
- 模拟Cobalt Strike�的Beacon与C2通信过程,实现了基于HTTP协议的Linux C2☆141Jun 25, 2020Updated 5 years ago
- Burp suite 分块传输辅助插件☆2,022Feb 23, 2022Updated 4 years ago
- 《云原生安全:攻防实践与体系构建》资料仓库☆780Feb 19, 2023Updated 3 years ago
- ☆16Jan 5, 2021Updated 5 years ago
- Java RCE 回显测试代码☆1,016Oct 15, 2020Updated 5 years ago
- Kubernetes security notes and best practices☆726Apr 15, 2022Updated 3 years ago
- ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。☆1,635Jun 16, 2024Updated last year
- TerraformGoat is HXSecurity research lab's "Vulnerable by Design" multi cloud deployment tool.☆627Nov 30, 2022Updated 3 years ago
- ☆153Jun 24, 2019Updated 6 years ago
- 利用任意文件下载漏洞循环下载反编译 Class 文件获得网站 Java 源代码☆711May 10, 2021Updated 4 years ago
- 适用于weblogic和Tomcat的无文件的内存马(memshell)☆269Mar 4, 2022Updated 3 years ago
- A helpful Java Deserialization exploit framework.☆1,240Feb 17, 2025Updated last year
- WINDOWS TELEMETRY权限维持☆257Jul 2, 2020Updated 5 years ago
- 总结了20+.Net反序列化文章,持续更新☆748Apr 3, 2024Updated last year
- 一个各种方式突破Disable_functions达到命令执行的shell☆1,198Oct 17, 2023Updated 2 years ago
- 基于亚马逊S3\阿里云OSS\腾讯COS通信隧道的远程管理工具☆327Oct 10, 2020Updated 5 years ago
- Bypass firewall for traffic forwarding using webshell☆1,430Sep 29, 2021Updated 4 years ago
- A Bypass Anti-virus Software Lateral Movement Command Execution Tool☆1,464Jan 20, 2025Updated last year
- Hyuga is a tool for monitoring Out-of-Band (OOB) traffic, supporting DNS, HTTP, LDAP, RMI, and DNS-Rebinding。🪤☆538Dec 27, 2025Updated 2 months ago
- 一个利用ASM对字节码进行污点传播分析的静态代码审计应用(添加了大量代码注释,适合大家进行源码学习)。也加入了挖掘Fastjson反序列化gadget chains和SQLInject(JdbcTemplate、MyBatis、JPA、Hibernate、原生jdbc等)静…☆458Mar 24, 2022Updated 3 years ago
- 红队作战中比较常遇到的一些�重点系统漏洞整理。☆2,522Jul 17, 2021Updated 4 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆245May 8, 2019Updated 6 years ago
- Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and ser…☆2,559Updated this week
- attackRmi☆258Oct 14, 2020Updated 5 years ago
- Flask 内存马☆313Mar 26, 2021Updated 4 years ago
- 这是一个抓取浏览器密码的工具,后续会添加更多功能☆1,456May 21, 2022Updated 3 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆638Apr 4, 2021Updated 4 years ago
- docker container escape check || Docker 容器逃逸检测☆653Apr 19, 2022Updated 3 years ago
- Weblogic环境搭建工具☆796Apr 23, 2020Updated 5 years ago
- a webshell resides in the memory of java web server☆699Jun 26, 2018Updated 7 years ago
- sharpwmi是一个基于rpc的横向移动工具,具有上传文件和执行命令功能。☆716Aug 3, 2021Updated 4 years ago
- Collect JSP webshell of various implementation methods. 梳理和发现的JSP Webshell各种姿势☆1,404Jan 18, 2022Updated 4 years ago