twistlock / whoc

Related projects: ⓘ

• raesene / container-security-site
  ☆90Updated 4 months ago
• twistlock / sa-hunter
  Correlates serviceaccounts and pods to the permissions granted to them via rolebindings and clusterrolesbindings.
  ☆34Updated 2 years ago
• 4ARMED / kubeletmein
  Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.
  ☆159Updated 10 months ago
• blackberry / Falco-bypasses
  Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).
  ☆78Updated 7 months ago
• danielsagi / kube-pod-escape
  Kubernetes POC for utilizing write mount to /var/log for getting a root on the host
  ☆89Updated 3 years ago
• danielsagi / kube-dnsspoof
  A POC for DNS spoofing in kubernetes clusters. Runs with minimum capabilities, on default installations of kuberentes.
  ☆74Updated 5 years ago
• praetorian-inc / snowcat
  a tool to audit the istio service mesh
  ☆173Updated 2 years ago
• nccgroup / ConMachi
  Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container
  ☆84Updated 5 years ago
• alexivkin / kubepwn
  Kubernetes Pwnage for all
  ☆54Updated 3 years ago
• nccgroup / insject
  insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.
  ☆49Updated 2 years ago
• NodyHub / k8s-ctf-rocks
  Kubernetes Easter CTF
  ☆58Updated 4 years ago
• bgeesaman / kube-env-stealer
  Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env
  ☆102Updated 5 years ago
• raesene / eathar
  ☆24Updated 4 months ago
• heroku / terrier
  Terrier is a Image and Container analysis tool that can be used to scan Images and Containers to identify and verify the presence of spec…
  ☆227Updated 11 months ago
• raesene / kube_security_lab
  ☆230Updated last week
• PaloAltoNetworks / rbac-police
  Evaluate the RBAC permissions of Kubernetes identities through policies written in Rego
  ☆331Updated 8 months ago
• k8s-sec / k8s-sec.github.io
  Links and resources for the O'Reilly Kubernetes Security book
  ☆98Updated 3 years ago
• quarkslab / minik8s-ctf
  A beginner-friendly CTF about Kubernetes security.
  ☆76Updated 2 years ago
• antitree / keyctl-unmask
  Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.
  ☆43Updated last year
• kinvolk / seccompagent
  agent for handling seccomp descriptors for container runtimes
  ☆41Updated 7 months ago
• krisnova / kush
  Kubernetes Unhinged Shell 😎
  ☆46Updated last year
• bgeesaman / malicious-compliance
  Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"
  ☆64Updated 9 months ago
• avolens / kubefuzz
  Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.
  ☆71Updated last year
• knative-extensions / security-guard
  Runtime security plug to protect user containers
  ☆64Updated this week
• antitree / cmd_and_kubectl_demos
  ☆27Updated 2 months ago
• cncf / cncf-fuzzing
  ✨🔐 CNCF Fuzzers
  ☆111Updated this week
• twistlock / RunC-CVE-2019-5736
  CVE-2019-5736 POCs
  ☆81Updated 4 years ago
• rad-security / fingerprints
  A repository to store Rad Fingerprinting data.
  ☆23Updated last month
• tabbysable / POC-2020-8558
  Information about Kubernetes CVE-2020-8558, including proof of concept exploit.
  ☆42Updated 4 years ago
• Betep0k / CVE-2021-25741
  Exploit for CVE-2021-25741 vulnerability
  ☆28Updated 2 years ago