CVE-2020-15257

CDK - Zero Dependency Container Penetration Toolkit English | 简体中文 Legal Disclaimer Usage of CDK for attacking targets without prior mutual consent is illegal CDK is for security testing purposes only Overview CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency It c

Docker Security Checklist For a more thorough checklist please refer to the latest Docker CIS benchmark Patching Ensure you patch your Docker daemon/containerd etc to protect against escape CVEs such as CVE-2019-5736 CVE-2019-14271 CVE-2020–15257 Follow appropriate Docker security updates Image security Conduct image vulnerability scanning using an appropriate scann

An attempt to document the types of applications which might be using abstract sockets by default. PLEASE READ THE README (esp. the bit about responsible disclosure).

Abstract Sockets Abstract Sockets are a feature of the Linux kernel that lie somewhere between file-based Unix Sockets and port/network-based TCP Sockets They are opened and referenced by name, and have several useful/unique properties: automatically cleaned up when the last process using them exits locking (for singleton-style processes), but without files not tied to speci

🌏 [WIP]整理好了之后迁移到 cdk-team/document，包含各类容器、K8s攻防场景的CDK文档。

CDK - Zero Dependency Container Penetration Toolkit English | 简体中文 Legal Disclaimer Usage of CDK for attacking targets without prior mutual consent is illegal CDK is for security testing purposes only Overview CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency It c

A python script to create daily reports from Threatstack

threatstackReport A python script to create daily reports from Threatstack This script adds state and simple reporting to the threatstack API It can be run on previous reports or in real time First you would create and inventory root@foo:~# /threatstackpy --inventory +----------------------------+-------+ | Option | Value | +---------------------------

Tool to test if you're in a Docker container and attempt simple breakouts

Docker Escape Tool Work In Progress This tool will help identify if you're in a Docker container and try some quick escape techniques to help assess the security of your containers This tool is focused specifically on Docker escapes though some of the logic may apply to other container runtimes I intend to follow this up with a blog post on helping secure your Docker co

exploits-open Available exploits CVE-2020-15257 Available proof of concepts

Docker Escape Tool Work In Progress This tool will help identify if you're in a Docker container and try some quick escape techniques to help assess the security of your containers This tool is focused specifically on Docker escapes though some of the logic may apply to other container runtimes I intend to follow this up with a blog post on helping secure your Docker co

Docker Security Checklist For a more thorough checklist please refer to the latest Docker CIS benchmark Patching Ensure you patch your Docker daemon/containerd etc to protect against escape CVEs such as CVE-2019-5736 CVE-2019-14271 CVE-2020–15257 Follow appropriate Docker security updates Image security Conduct image vulnerability scanning using an appropriate scann

网上阅读过的文章记录

2021-Read-article 有兴趣可以看看我的云渗透课程：wwwyuquecom/u8047536/supvqp/ri4ft0 渗透 githubcom/ihebski/DefaultCreds-cheat-sheet 网络设备默认密码 JumpServer 从信息泄露到远程代码执行漏洞分析 标题描述有问题，泄漏机器user_id等，通过websocket获取token，再利用token通过相关的API来执行机�