mhausenblas / k8s-secView external linksLinks
Kubernetes Security: from Image Hygiene to Network Policies
☆144May 30, 2018Updated 7 years ago
Alternatives and similar repositories for k8s-sec
Users that are interested in k8s-sec are comparing it to the libraries listed below
Sorting:
- Some debug notes and exploit(not blind)☆39Jul 28, 2019Updated 6 years ago
- Links and resources for the O'Reilly Kubernetes Security book☆101Jan 22, 2021Updated 5 years ago
- CVE-2019-8449 Exploit for Jira v2.1 - v8.3.4☆68Feb 3, 2020Updated 6 years ago
- The Demo for CVE-2017-11427☆12Mar 3, 2018Updated 7 years ago
- Kubernetes Auto Analyzer☆191Dec 11, 2019Updated 6 years ago
- Kubernetes security notes and best practices☆726Apr 15, 2022Updated 3 years ago
- RememberMe Padding Oracle Vulnerability RCE☆72Nov 14, 2019Updated 6 years ago
- RCE on Apache Solr using deserialization of untrusted data via jmx.serviceUrl☆210Mar 10, 2019Updated 6 years ago
- ☆16Jul 25, 2023Updated 2 years ago
- ssrf、ssrfIntranetFuzz、dnsRebinding、recordEncode、dnsPoisoning、Support ipv4/ipv6☆217Aug 17, 2017Updated 8 years ago
- Writeup of CVE-2017-1002101 with sample "exploit"/escape☆35Mar 23, 2018Updated 7 years ago
- CVE-2020-8163 - Remote code execution of user-provided local names in Rails☆61Dec 14, 2022Updated 3 years ago
- GitLab 11.4.7 SSRF配合redis远程执行代码☆120Apr 24, 2019Updated 6 years ago
- A Java runtime information-gathering tool which uses the Java Attach API for information acquisition☆204Apr 26, 2021Updated 4 years ago
- Easily write tests and fuzz many different programs.☆12Dec 13, 2022Updated 3 years ago
- awesome resources about cloud native security 🐿☆323Nov 4, 2023Updated 2 years ago
- tomcat使用了自带session同步功能时,不安全的配置(没有使用EncryptInterceptor)导致存在的反序列化漏洞,通过精心构造的数据包, 可以对使用了tomcat自带session同步功能的服务器进行攻击。PS:这个不是CVE-2020-9484,9484…☆212May 19, 2020Updated 5 years ago
- ☆131Jun 17, 2022Updated 3 years ago
- 解密好的AWVS10.5 data/script/目录下的脚本☆267Nov 11, 2017Updated 8 years ago
- SharpAddDomainMachine☆69Oct 12, 2021Updated 4 years ago
- CVE-2019-10392 RCE Jackson with Git Client Plugin 2.8.2 (Authenticated)☆21Sep 26, 2019Updated 6 years ago
- A place for documenting threats and mitigations related to containers orchestrators (Kubernetes, Swarm etc)☆25Jul 3, 2018Updated 7 years ago
- This is a filter bypass exploit that results in arbitrary file upload and remote code execution in class.upload.php <= 2.0.4☆36Dec 8, 2019Updated 6 years ago
- 🚀Faster Github Monitor🚀☆104Jan 7, 2023Updated 3 years ago
- API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities☆151Apr 23, 2023Updated 2 years ago
- 使用JS监听获取dz密码☆12Sep 5, 2017Updated 8 years ago
- A simple way to evaluate the security of your Kubernetes deployment against sets of best practices defined by various community sources☆28Jan 31, 2020Updated 6 years ago
- A lightweight workshop build on the shoulders of giants.☆18Sep 13, 2019Updated 6 years ago
- A collection of tools and references around container networking☆79Apr 2, 2018Updated 7 years ago
- Apache Log4j 1.2.X存在反序列化远程代码执行漏洞☆78Dec 25, 2019Updated 6 years ago
- CatchMail can be used to find some email addresses!☆73May 22, 2023Updated 2 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- Reconnaissance test in Kubernetes clusters☆21Oct 19, 2018Updated 7 years ago
- CVE-2020-11890: Improper input validations in the usergroup table class could lead to a broken ACL configuration to RCE☆62Jun 1, 2023Updated 2 years ago
- A hands-on walkthrough for creating an extremely insecure Kubernetes cluster and then hardening it, step by step.☆200Dec 28, 2018Updated 7 years ago
- A plugin that provides resources for beginners to learn reverse engineering using Binary Ninja. It automatically installs several other p…☆26Aug 22, 2017Updated 8 years ago
- Some helpful Helm Charts for pentesters☆38Jan 28, 2019Updated 7 years ago
- Securely store secrets at rest using Hashicorp Vault☆55Mar 7, 2023Updated 2 years ago
- a simple tool to detect potential security threat in php code☆317Sep 9, 2024Updated last year