Kubernetes Security: from Image Hygiene to Network Policies
☆144May 30, 2018Updated 7 years ago
Alternatives and similar repositories for k8s-sec
Users that are interested in k8s-sec are comparing it to the libraries listed below
Sorting:
- Links and resources for the O'Reilly Kubernetes Security book☆101Jan 22, 2021Updated 5 years ago
- A versioned collection of snippets showing how to use client-go☆10Sep 3, 2017Updated 8 years ago
- Some debug notes and exploit(not blind)☆39Jul 28, 2019Updated 6 years ago
- 使用JS监听获取dz密码☆12Sep 5, 2017Updated 8 years ago
- Kubernetes Auto Analyzer☆191Dec 11, 2019Updated 6 years ago
- CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4☆68Feb 3, 2020Updated 6 years ago
- The Demo for CVE-2017-11427☆12Mar 3, 2018Updated 8 years ago
- RememberMe Padding Oracle Vulnerability RCE☆72Nov 14, 2019Updated 6 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- Kubernauts training☆22Dec 30, 2019Updated 6 years ago
- A place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)☆25Jul 3, 2018Updated 7 years ago
- A collection of tools and references around container networking☆79Apr 2, 2018Updated 7 years ago
- Kubernetes security notes and best practices☆729Apr 15, 2022Updated 3 years ago
- CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated)☆21Sep 26, 2019Updated 6 years ago
- CVE-2020-8163 - Remote code execution of user-provided local names in Rails☆61Dec 14, 2022Updated 3 years ago
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- A hands-on walkthrough for creating an extremely insecure Kubernetes cluster and then hardening it, step by step.☆200Dec 28, 2018Updated 7 years ago
- 解密好的AWVS10.5 data/script/目录下的脚本☆267Nov 11, 2017Updated 8 years ago
- awesome resources about cloud native security 🐿☆326Nov 4, 2023Updated 2 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 7 years ago
- This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.4☆36Dec 8, 2019Updated 6 years ago
- 🚀Faster Github Monitor🚀☆104Jan 7, 2023Updated 3 years ago
- Kubernetes Security - Best Practice Guide☆2,717Sep 11, 2019Updated 6 years ago
- GitLab 11.4.7 SSRF配合redis远程执行代码☆120Apr 24, 2019Updated 6 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Some helpful Helm Charts for pentesters☆38Jan 28, 2019Updated 7 years ago
- The babelfish of Kubernetes app lifecycle management☆35Apr 27, 2018Updated 7 years ago
- Apache Tomcat + MongoDB Remote Code Execution☆113Jan 15, 2021Updated 5 years ago
- A lightweight workshop build on the shoulders of giants.☆18Sep 13, 2019Updated 6 years ago
- API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities☆151Apr 23, 2023Updated 2 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- CatchMail can be used to find some email addresses!☆73May 22, 2023Updated 2 years ago
- GSP is a container platform and curated suite of components helping government deploy, run, observe and secure their services☆30Apr 30, 2021Updated 4 years ago
- Apache Log4j 1.2.X存在反序列化远程代码执行漏洞☆78Dec 25, 2019Updated 6 years ago
- Easily write tests and fuzz many different programs.☆12Dec 13, 2022Updated 3 years ago
- ☆16Jul 25, 2023Updated 2 years ago
- A collection of shell functions for Kubernetes native dabbling☆52Oct 23, 2018Updated 7 years ago