danielsagi / kube-pod-escapeView external linksLinks
Kubernetes POC for utilizing write mount to /var/log for getting a root on the host
☆100Nov 18, 2020Updated 5 years ago
Alternatives and similar repositories for kube-pod-escape
Users that are interested in kube-pod-escape are comparing it to the libraries listed below
Sorting:
- ☆16Jan 5, 2021Updated 5 years ago
- 云原生安全漏洞收集☆18Jul 9, 2025Updated 7 months ago
- Spring Boot Actuator + Spring Cloud Vul Env☆19Dec 25, 2019Updated 6 years ago
- ☆14Jun 7, 2018Updated 7 years ago
- k0otkit is a universal post-penetration technique which could be used in penetrations against Kubernetes clusters.☆301Aug 30, 2021Updated 4 years ago
- Executes commands in a container on a kubelet endpoint that allows anonymous authentication (default)☆114Jan 14, 2019Updated 7 years ago
- A POC for DNS spoofing in kubernetes clusters. Runs with minimum capabilities, on default installations of kuberentes.☆78Aug 30, 2019Updated 6 years ago
- Post-exploit a compromised etcd, gain persistence and remote shell to nodes.☆91May 7, 2024Updated last year
- ☆271Jan 14, 2026Updated last month
- HTML5 WebSocket message fuzzer☆148Nov 23, 2018Updated 7 years ago
- 基于 puppeteer-core + chromium 的 XSS 机器人☆26Jun 27, 2019Updated 6 years ago
- 就是一个练习RMI反序列化的最简单环境☆30Jan 8, 2022Updated 4 years ago
- Code-Breaking Puzzles☆292Apr 6, 2025Updated 10 months ago
- A bunch of useful SSH tools for powershell☆120Oct 24, 2018Updated 7 years ago
- Peirates - Kubernetes Penetration Testing tool☆1,420Jan 20, 2026Updated 3 weeks ago
- flash 劫持轮子,CSRF,劫持,跳转,swf 有需求可以提issues ,src挖掘,劫持response☆86Nov 9, 2019Updated 6 years ago
- this is some scripts for pentesting zabbix server☆13Feb 25, 2018Updated 7 years ago
- rmi、jndi、ldap、jrmp、jmx、jms一些demo测试☆310Jun 17, 2022Updated 3 years ago
- book website☆73Feb 7, 2022Updated 4 years ago
- Apache Solr Injection Research☆579Jan 28, 2020Updated 6 years ago
- 🌶 一些和容器化/容器编排/服务网格等技术相关的安全代码片段[自用备份]☆81Jul 23, 2021Updated 4 years ago
- RCE in NPM VSCode Extension☆20Apr 11, 2021Updated 4 years ago
- CVE-2022-0185 exploit rewritten with pipe primitive☆17Apr 5, 2022Updated 3 years ago
- Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.☆44Updated this week
- Multi-language web CGI interfaces exploits.☆399Aug 22, 2022Updated 3 years ago
- 快速获取图片的GPS和其拍摄地理位置☆20Feb 17, 2019Updated 7 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆392Apr 23, 2020Updated 5 years ago
- CTF writeup for learning☆22Apr 6, 2021Updated 4 years ago
- Tomcat基于动态注册Filter的无文件Webshell☆26Jun 20, 2020Updated 5 years ago
- CVE-2020-10749 PoC (Kubernetes MitM attacks via IPv6 rogue router advertisements)☆25Jun 11, 2020Updated 5 years ago
- Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized en…☆1,214Feb 3, 2025Updated last year
- Python script to give you subsets of the nmap "top-ports". For example, I want the 10th to 100th most common TCP ports. Spits out a comma…☆18Mar 8, 2020Updated 5 years ago
- MQTT Load Tester and Monitoring Tool☆12Aug 4, 2023Updated 2 years ago
- a webshell resides in the memory of java web server☆699Jun 26, 2018Updated 7 years ago
- Probe endpoints consuming Java serialized objects to identify classes, libraries, and library versions on remote Java classpaths.☆613Mar 4, 2021Updated 4 years ago
- Use java instrument API without JAR file☆47Jun 19, 2022Updated 3 years ago
- 记录流量的http(s)代理+分布式被动漏洞扫描☆24Jun 30, 2019Updated 6 years ago
- Example of passing file descriptors into a container to perform a privilege escalation on the host☆24Jul 3, 2020Updated 5 years ago
- ☆107Nov 15, 2025Updated 3 months ago