CVE-2018-1002105

Alcide Kubernetes Advisor Pipeline Integrations Alcide Advisor is an agentless service for Kubernetes audit and compliance that’s built to ensure a frictionless and secured DevSecOps workflow by layering a hygiene scan of Kubernetes cluster & workloads early in the development process and before moving to production With Alcide Advisor, you can cover the followin

Test utility for cve-2018-1002105

CVE-2018-1002105 Test utility that checks a cluster for the high severity kubernetes CVE published here A stakeholder-level writeup of the CVE-2018-1002105 may be found at gravitationalcom/blog/kubernetes-websocket-upgrade-security-vulnerability/ Warning Running this test through layer 7 load balancers or proxies in front of you're kubernetes apiserver may be unr

文章 Attack Code 的详细全文。安全和开发总是具有伴生属性，尤其是云的安全方向，本篇文章是希望能帮助到读者的云安全入门材料。Full text of the article Attack Code. Security and development always have concomitant attributes, and this is especially true with the security direction of the cloud. This article is an introduction to cloud security that I hope will help readers.

Intro This article is more of an(?) introductory article If you are already familiar with these topics or have prior penetration testing experience, feel free to briefly review the conclusion and content, expand your thinking, have a laugh, and move on Of course, if you have any thoughts or want to add something to the text, you can leave a comment below or directly email me

Find Kubernetes across your environment, even if it's not installed via your package manager.

find_k8s Find Kubernetes across your environment, even if it's not installed via your package manager What it does This script uses the server processes inventory feature as well as the SVM module's installed software inventory feature to search for all instances of Kubernetes in your Halo-protected environment Indicates which are vulnerable to CVE-2018-1002105 Req

PoC for CVE-2018-1002105.

CVE-2018-1002105 PoC Authenticated PoC Demo Usage Unauthenticated PoC Demo Usage Authenticated PoC Proof-of-Concept exploit for CVE-2018-1002105 The current exploit requires create and get privileges on pods and pods/exec Support has been added for portforward and attach, which require similar permissions The current PoC dumps the secrets from the default etcd-kubern

Connecting to OKE Private API with NetFoundry Networking Oracle Cloud Infrastructure (OCI) & Oracle Container Engine for Kubernetes (OKE) reduce the operational burden of setting up and managing enterprise-grade Kubernetes clusters NetFoundry and Oracle recognize that connecting to your Kubernetes cluster and its ecosystem is complex, so NetFoundry allows you to conn

Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration

Alcide Kubernetes Advisor Alcide Advisor is an agentless service for Kubernetes audit and compliance that’s built to ensure a frictionless and secured DevSecOps workflow by layering a hygiene scan of Kubernetes cluster & workloads early in the development process and before moving to production With Alcide Advisor, you can cover the following security checks: K

PoC command injection example for cve-2018-1002105 based off https://github.com/gravitational/cve-2018-1002105

This was modified from gravitationalcom/blog/kubernetes-websocket-upgrade-security-vulnerability/ All credit goes to the kind folks at Gravitational The original PoC code was modified to go a bit beyond checking for vulnerability and to actually run a command inside the first container in the first namespace In this case, curl -s googlecom inside the first pod/co

fork 自giteecom/imlzw/Kubernetes-1123-all-auto-install Kubernetes-1123-all-auto-install 项目介绍 个人整理的Centos7x + Kubernetes-1123 + Dashboard-183 无 CVE-2018-1002105 漏洞的master节点全自动快速一键安装部署文件，适用于测试环境，生产环境的快速安装部署 准备工作 配置好centos的网络环境，使其可连�

Alcide Kubernetes Advisor ... Cluster Hygiene & Security Scanner - Pipeline Integration

Alcide Kubernetes Advisor Pipeline Integrations Alcide Advisor is an agentless service for Kubernetes audit and compliance that’s built to ensure a frictionless and secured DevSecOps workflow by layering a hygiene scan of Kubernetes cluster & workloads early in the development process and before moving to production With Alcide Advisor, you can cover the followin

KubeCon-CloudNativeCon-Europe-2019's slides. / 2019欧洲CNCF大会PPT。

KubeCon-CloudNativeCon-Europe-2019 KubeCon-CloudNativeCon-Europe-2019's slides This repo hosts published slide files The detailed schedule can refer to the event website KubeCon-CloudNativeCon-Europe-2019 And you can find the Video lists of CNCF YouTube channel (Barcelona '19: KubeCon + CloudNativeCon) on youtube, enjoy it 😍 Slides list (TOC): accelerating-t

渗透逆向个人工具箱整理backup

ToolBox 安全研究渗透工具箱 目录 Android Binary CTF CVE IOT Pentest Web 工作机工具 Android 安卓相关工具箱 ACF AndBug - Android Debugging Library android_run_root_shell - android root 脚本 android-backup-extractor - manifest backup属性问题测试工具 android-forensics - Open source Android Forensics app and framework android-simg2img - Tool to con

Links and resources for the O'Reilly Kubernetes Security book

Hello and welcome to Kubernetes Security, the resource center for the O'Reilly book on this topic by Liz Rice and Michael Hausenblas In the book we explore security concepts including defense in depth, least privilege, and limiting the attack surface We discuss and show how to secure clusters, and you'll also learn how Kubernetes uses authentication and authorizati

个人整理的Centos7.x + Kubernetes-1.12.3 + Dashboard-1.8.3 无 CVE-2018-1002105 漏洞的master节点全自动快速一键安装部署文件，适用于测试环境，生产环境的快速安装部署

Kubernetes-1123-all-auto-install 项目介绍 个人整理的Centos7x + Kubernetes-1123 + Dashboard-183 无 CVE-2018-1002105 漏洞的master,node节点全自动快速一键安装部署文件，适用于测试环境，生产环境的快速安装部署 参考文档 kubernetesio/docs/setup/independent/create-cluster-kubeadm/ master节点安装准备工作 配置�

HPE Express Containers with Docker Enterprise Edition on HPE SimpliVity Executive Summary Release Notes Playbook updates Configuration updates Fixed in this release Solution overview Solution configuration HPE SimpliVity configuration Linux-only VM configuration Hybrid VM configuration (Windows and Linux) High availability Sizing considerations Disaster Recovery Secur

CMPT733-Group11(0x90) CVE-2018-1002105 Members: Abhishek Rungta, Shubham Saini, Siddhant Sood Environment Setup A linux VM (Such as Ubuntu 2004) Minikube for local deploymnet of kubernetes Any of these older versions(10x— 19x, 1100—11010,1110—1114,1120—1122) Run the exploit We have provided a virtual box image (ova file) Download it a

KubeCon EU'19 Videos and Presentations

KubeCon EU'19 Videos and Presentations Lightning Talks Topics Video Presentation Lightning Talk: Cloud Native Wales: How We Contributed to the Community - Lewis Denham-Parry Video Slides Lightning Talk: How to Regain the Trust of Your Users - Eduard Iacoboaia, Bookingcom Video Slides Lightning Talk: Slow Starting Containers, How to Check Their Health? - Matt

个人整理的Centos7.x + Kubernetes-1.12.3 + Dashboard-1.8.3的master、node节点全自动快速一键安装部署文件，适用于测试环境，生产环境的快速安装部署

Kubernetes-1123-all-auto-install 项目介绍 个人整理的Centos7x + Kubernetes-1123 + Dashboard-183 无 CVE-2018-1002105 漏洞的master,node节点全自动快速一键安装部署文件，适用于测试环境，生产环境的快速安装部署 参考文档 kubernetesio/docs/setup/independent/create-cluster-kubeadm/ master节点安装准备工作 配置�

A curated list of starred project sorted by languages

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents ASP Assembly Batchfile C C# C++ CMake CSS Cirru Clojure CoffeeScript Common Lisp Cuda D Dart Dockerfile Elixir Emacs Lisp Erlang F# Gherkin Gnuplot Go Groovy HCL HTML Haskell Inno Setup Java JavaScript Jsonnet Julia Jupyter Notebook Kotlin LLVM Lua Makefile Mathematica Nim OCaml Objective-C Othe