CVE-2020-8558

CDK - Zero Dependency Container Penetration Toolkit English | 简体中文 Legal Disclaimer Usage of CDK for attacking targets without prior mutual consent is illegal CDK is for security testing purposes only Overview CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency It c

Crafting raw TCP/IP packets to send to poorly configured servers - CVE-2020-8558 PoC

Martian Packets A repo containing a python script which can be used to craft raw TCP/IP packets Used for testing out martian packets following a vulnerability announced in kubernetes (kube-proxy: CVE-2020-8558) This PoC covers the pod -> node (host) localhost boundary bypass For a simple and robust PoC for the node -> node portion of the vulnerability, see here

关于我 公众号: leveryd 我关注: 安全产品、云/云原生、应用安全 以下是公众号上的原创文章 WAF 开源WAF规则运营入门 安全规则中的正则表达式 基于openresty-lua的反爬插件 反爬检测小结(1) WAF攻防(5) WAF攻防实践(4) 你的扫描器可以绕过防火墙么（三） 你的扫描器可以绕过防火墙么？（二）

Information about Kubernetes CVE-2020-8558, including proof of concept exploit.

Overview CVE-2020-8558 is a Kubernetes venerability which was published because kube-proxy unexpectedly makes localhost-bound host services available to others on the network I place the emphasis on unexpectedly because this vulnerability is due to a design flaw (oversight), not an implementation flaw (bug) The code does exactly what it says it does, but we all failed to reco

Guía de pentesting en kubernetes

Kubernetes is a maze: deployments, pods, containers, namespaces, services… When you arrive at kube-world as a beginner (like me) nothing has sense For a while, I’ve been thinking about to create a checklist for pentesting purposes and put together every tool, repo or technique I’ve been discovering about kubernetes lately, but every implementation of kube is

🌏 [WIP]整理好了之后迁移到 cdk-team/document，包含各类容器、K8s攻防场景的CDK文档。

CDK - Zero Dependency Container Penetration Toolkit English | 简体中文 Legal Disclaimer Usage of CDK for attacking targets without prior mutual consent is illegal CDK is for security testing purposes only Overview CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency It c

CKS 官方考纲 CKS 官方考纲: [CKS_Curriculum_ v119pdf](/CKS_Curriculum_ v119pdf) Cluster Setup - 10% Securing a Cluster Use Network security policies to restrict cluster level access kubernetesio/docs/concepts/services-networking/network-policies/ Use CIS benchmark to review the security configuration of Kubernetes components(etcd, kubelet, kubedns, ku