Awesome Cloud Native Security 🐿 / 0 General |
OWASP Cloud-Native Application Security Top 10 | | | |
Hacking and Hardening Kubernetes Clusters by Example (KubeCon 2017) | 308 | about 4 years ago | |
2018绿盟科技容器安全技术报告 (2018-11) | | | |
Awesome Cloud Native Security 🐿 / 0 General / 2018绿盟科技容器安全技术报告 (2018-11) |
2020绿盟科技云原生安全技术报告 (2021-01) | | | |
Awesome Cloud Native Security 🐿 / 0 General |
A Measurement Study on Linux Container Security: Attacks and Countermeasures (ACSAC 2018) | | | |
Kubernetes Security: Operating Kubernetes Clusters and Applications Safely (Book, 2018-09-28) | | | |
Awesome Cloud Native Security 🐿 / 0 General / Kubernetes Security: Operating Kubernetes Clusters and Applications Safely (Book, 2018-09-28) |
Container Security: Fundamental Technology Concepts that Protect Containerized Applications (Book, 2020-04-01) | | | |
Awesome Cloud Native Security 🐿 / 0 General |
MITRE ATT&CK framework for container runtime security with Falco. (2019-05-10) | | | |
Awesome Cloud Native Security 🐿 / 0 General / MITRE ATT&CK framework for container runtime security with Falco. (2019-05-10) |
Threat matrix for Kubernetes (Microsoft, 2020-04-02) | | | |
Awesome Cloud Native Security 🐿 / 0 General / MITRE ATT&CK framework for container runtime security with Falco. (2019-05-10) / Threat matrix for Kubernetes (Microsoft, 2020-04-02) |
Microsoft's Kubernetes Threat Matrix: Here's What's Missing (2020-10-26) | | | |
Secure containerized environments with updated threat matrix for Kubernetes (2021-03-23) | | | |
Awesome Cloud Native Security 🐿 / 0 General / MITRE ATT&CK framework for container runtime security with Falco. (2019-05-10) |
国内首个云上容器ATT&CK攻防矩阵发布,阿里云助力企业容器化安全落地 (2020-06-18) | | | |
MITRE ATT&CK Containers Matrix (2021-04-29) | | | |
最佳实践:发布国内首个K8S ATT&CK攻防矩阵 (青藤, 2021-08-25) | | | |
2021西部云安全峰会召开:“云安全优才计划”发布,腾讯云安全攻防矩阵亮相 (2021-09-26) | | | |
云原生安全:基于容器ATT&CK矩阵模拟攻防对抗的思考 (2021-11-01) | | | |
Awesome Cloud Native Security 🐿 / 0 General |
Containers' Security: Issues, Challenges, and Road Ahead (IEEE Access 2019) | | | |
企业应用容器化的攻与防 (JINQI-CON 2019) | 2,954 | 5 months ago | |
Sysdig 2021 Container Security and Usage Report (2021-01-01) | | | |
CNCF Cloud Native Security Whitepaper (2021-02-17) | 2,104 | 3 days ago | |
Metarget:云原生攻防靶场开源啦! (2021-05-10) | | | |
컨테이너에서 버그 찾기 어디까지 해봤니 (How to Find Container Platform Bug, CodeEngn 2021) | 90 | 3 months ago | |
Kubernetes Hardening Guidance (by NSA & CISA, 2021-08-03) | | | |
Kubernetes Security Checklist and Requirements | 467 | about 3 years ago | |
《云原生安全:攻防实践与体系构建》 | 729 | almost 2 years ago | |
Security Challenges in the Container Cloud (IEEE TPS-ISA 2021) | 22 | 9 months ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.1 General |
Container Security: Examining Potential Threats to the Container Environment (2019-05-14) | | | |
云原生环境渗透工具考察 (2020-06-22) | | | |
红蓝对抗中的云原生漏洞挖掘及利用实录 (2021-03-02) | | | |
靶机实验:综合场景下的渗透实战 | 729 | almost 2 years ago | |
Exploit Symlink for Fun and Profit: from Native to Cloud Native (2021-12-08) | 22 | 9 months ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Walls Within Walls: What if your attacker knows parkour? (KubeCon 2019) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Walls Within Walls: What if your attacker knows parkour? (KubeCon 2019) |
Walls Within Walls: What if Your Attacker Knows Parkour? (Video) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
k0otkit:针对K8s集群的通用后渗透控制技术 (CIS 2020) | 281 | over 3 years ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / k0otkit:针对K8s集群的通用后渗透控制技术 (CIS 2020) |
k0otkit: Hack K8s in a K8s Way (Paper) | | | |
k0otkit: Hack K8s in a K8s Way (Video) | | | |
Github Repo for k0otkit | 281 | over 3 years ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Advanced Persistence Threats: The Future of Kubernetes Attacks (RSA 2020) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Advanced Persistence Threats: The Future of Kubernetes Attacks (RSA 2020) |
Advanced Persistence Threats: The Future of Kubernetes Attacks (Video) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Compromising Kubernetes Cluster by Exploiting RBAC Permissions (RSA 2020) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Compromising Kubernetes Cluster by Exploiting RBAC Permissions (RSA 2020) |
Compromising Kubernetes Cluster by Exploiting RBAC Permissions (Video) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Kubernetes Privilege Escalation: Excessive Permissions in Popular Platforms | | | |
|
Kubernetes Privilege Escalation: Container Escape == Cluster Admin? (Video) | | | |
Kubernetes Privilege Escalation: Container Escape == Cluster Admin? (PPT) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Command and KubeCTL: Real-world Kubernetes Security for Pentesters (Shmoocon 2020) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Command and KubeCTL: Real-world Kubernetes Security for Pentesters (Shmoocon 2020) |
Deep Dive into Real-World Kubernetes Threats (2020-02-12) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Using Kubelet Client to Attack the Kubernetes Cluster (2020-08-19) | | | |
Attacking Kubernetes Clusters Through Your Network Plumbing: Part 1 (2020-11-05) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Attacking Kubernetes Clusters Through Your Network Plumbing: Part 1 (2020-11-05) |
Attacking Kubernetes Clusters Through Your Network Plumbing: Part 2 (2021-05-17) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Metadata service MITM allows root privilege escalation (EKS / GKE) (2021-02-28) | | | |
etcd未授权访问的风险及修复方案详解 (2021-04-09) | | | |
New Attacks on Kubernetes via Misconfigured Argo Workflows (2021-07-20) | | | |
Creating Malicious Admission Controllers (2021-08-09) | | | |
Don’t let Prometheus Steal your Fire (2021-10-12)) | | | |
Attack Cloud Native Kubernetes (HITB 2021) | 2,954 | 5 months ago | |
Metasploit in Kubernetes (2021-11-04) | 34,393 | 4 days ago | |
【技术推荐】云原生之Kubernetes安全 (2021-12-18) | | | |
Understanding about CVE-2017–1002101 on kubernetes (2018-03-19) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Understanding about CVE-2017–1002101 on kubernetes (2018-03-19) |
Fixing the Subpath Volume Vulnerability in Kubernetes (2018-04-04) | | | |
ExP: CVE-2017-1002101 by bgeesaman | 35 | over 6 years ago | |
CVE-2017-1002101:突破隔离访问宿主机文件系统 | 729 | almost 2 years ago | |
逃逸风云再起:从CVE-2017-1002101到CVE-2021-25741 (2021-10-12) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Exploiting path traversal in kubectl cp (CVE-2018-1002100, 2018-05-04) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Exploiting path traversal in kubectl cp (CVE-2018-1002100, 2018-05-04) |
Disclosing a directory traversal vulnerability in Kubernetes copy – CVE-2019-1002101 (2019-03-28) | | | |
CVE-2019-11246: Clean links handling in cp's tar code (2019-04-30) | 111,689 | 4 days ago | |
CVE-2019-11249: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal (2019-08-05) | 111,689 | 4 days ago | |
CVE-2019-11251: kubectl cp symlink vulnerability (2020-02-03) | 111,689 | 4 days ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
The Story of the First Kubernetes Critical CVE (CVE-2018-1002105, 2018-12-04) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / The Story of the First Kubernetes Critical CVE (CVE-2018-1002105, 2018-12-04) |
CVE-2018-1002105(k8s特权提升)原理与利用分析报告 (2018-12-08) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
CVE-2018-1002103:远程代码执行与虚拟机逃逸 | 729 | almost 2 years ago | |
Kubernetes hostPort allow services traffic interception when using kubeproxy IPVS (CVE-2019-9946, 2019-03-28) | | | |
Non-Root Containers, Kubernetes CVE-2019-11245 and Why You Should Care, (2019-08-28) | | | |
When it’s not only about a Kubernetes CVE... (CVE-2020-8555, 2020-06-03) | | | |
Kubernetes Vulnerability Puts Clusters at Risk of Takeover (CVE-2020-8558, 2020-07-27) | | | |
Kubernetes man in the middle using LoadBalancer or ExternalIPs (CVE-2020-8554, 2020-12-08) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Kubernetes man in the middle using LoadBalancer or ExternalIPs (CVE-2020-8554, 2020-12-08) |
Protecting Against an Unfixed Kubernetes Man-in-the-Middle Vulnerability (CVE-2020-8554, 2020-12-21) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Host MITM attack via IPv6 rogue router advertisements (K8S CVE-2020-10749 / Docker CVE-2020-13401 / LXD / WSL2 / …) (2021-02-28) | | | |
Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass (2021-04-28) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / Exploiting and detecting CVE-2021-25735: Kubernetes validating admission webhook bypass (2021-04-28) |
ExP: CVE-2021-25735 by darryk10 | 18 | over 3 years ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes |
Detecting and Mitigating CVE-2021-25737: EndpointSlice validation enables host network hijack (2021-05-24) | | | |
浅谈云上攻防——CVE-2020-8562漏洞为k8s带来的安全挑战 (2021-10-25) | | | |
cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.2 Kubernetes / cr8escape: New Vulnerability in CRI-O Container Engine Discovered by CrowdStrike (CVE-2022-0811) |
谁动了我的core_pattern?CVE-2022-0811容器逃逸漏洞分析 | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Abusing Privileged and Unprivileged Linux Containers (2016-06-01) | | | |
Bypassing Docker Authz Plugin and Using Docker-Containerd for Privesc (2019-07-11) | | | |
A Methodology for Penetration Testing Docker Systems (Bachelor Theses, 2020-01-17) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / A Methodology for Penetration Testing Docker Systems (Bachelor Theses, 2020-01-17) |
针对容器的渗透测试方法 (2020-04-17) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
里应外合:借容器root提权 (2020-12-03) | | | |
CVE-2021-21287: 容器与云的碰撞——一次对MinIO的测试 (2021-01-30) | | | |
New Vulnerability Affecting Container Engines CRI-O and Podman (CVE-2021-20291) (2021-04-14) | | | |
Container escape through open_by_handle_at (shocker exploit) (2014-06-18) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Container escape through open_by_handle_at (shocker exploit) (2014-06-18) |
Docker breakout exploit analysis (2014-06-19) | | | |
PoC: Shocker by gabrtv | 117 | over 10 years ago | |
Docker 容器逃逸案例分析 (2016-07-19) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Dirty COW - (CVE-2016-5195) - Docker Container Escape (2017-09) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Dirty COW - (CVE-2016-5195) - Docker Container Escape (2017-09) |
ExP: CVE-2016-5195 by scumjr | 492 | almost 3 years ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Escaping Docker container using waitid() – CVE-2017-5123 (2017-12-27) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Escaping Docker container using waitid() – CVE-2017-5123 (2017-12-27) |
Escaping Docker container using waitid() - CVE-2017-5123 (Video) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
A Compendium of Container Escapes (Black Hat 2019) | | | |
In-and-out - Security of Copying to and from Live Containers (Open Source Summit 2019) | | | |
CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host (2019-02-13) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host (2019-02-13) |
ExP: CVE-2019-5736 by Frichetten | 642 | almost 3 years ago | |
Escaping a Broken Container - 'namespaces' from 35C3 CTF (2019-04-15) | | | |
容器逃逸成真:从CTF到CVE-2019-5736 (2019-11-20) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
An Exercise in Practical Container Escapology (2019-03-07) | | | |
Felix Wilhelm's Twitter on the Escape Technique utilizing release_agent (2019-07-17) | | | |
|
Understanding Docker container escapes (2019-07-19) | | | |
Privileged Container Escape - Control Groups release_agent (2020-11-19) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Kubernetes Pod Escape Using Log Mounts (2019-08-01) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Kubernetes Pod Escape Using Log Mounts (2019-08-01) |
Kubelet follows symlinks as root in /var/log from the /logs server endpoint (debate on hackerone, 2021-04-02) | | | |
PoC: kube-pod-escape | 92 | about 4 years ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Original Tweet on CVE-2019-16884 (2019-09-22) | | | |
CVE-2019-19921: Volume mount race condition with shared mounts (2020-01-01) | 11,987 | 2 days ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / CVE-2019-19921: Volume mount race condition with shared mounts (2020-01-01) |
PoC: runc-masked-race.sh | | | |
PATCH RFC 1/1 mount: universally disallow mounting over symlinks (2019-12-30) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
容器逃逸技术概览 (2020-02-21) | | | |
Escaping Virtualized Containers (Black Hat 2020) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Escaping Virtualized Containers (Black Hat 2020) |
Kata Containers逃逸研究 (2020-09-25) | | | |
Security advisory for four vulnerabilities in Kata Containers (2020-12-04) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
CVE-2020-14386: Privilege Escalation Vulnerability in the Linux kernel (2020-10-09) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / CVE-2020-14386: Privilege Escalation Vulnerability in the Linux kernel (2020-10-09) |
Containing a Real Vulnerability (2020-09-18) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
host模式容器逃逸漏洞(CVE-2020-15257)技术分析 (2020-12-02) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / host模式容器逃逸漏洞(CVE-2020-15257)技术分析 (2020-12-02) |
ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again (2020-12-10) | | | |
容器逃逸CVE-2020-15257 containerd-shim Exploit开发 (2020-12-14) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
The Strange Case of How We Escaped the Docker Default Container (CVE-2020-27352, 2021-03-04) | | | |
runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465, 2021-05-30) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / runc mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs (CVE-2021-30465, 2021-05-30) |
RunC TOCTOU逃逸CVE-2021-30465分析 (2021-08-18) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
利用Linux内核漏洞实现Docker逃逸 (2021-06-11) | | | |
【安全干货】Docker CVE-2018-6552 (2021-06-30) | | | |
CVE-2021-22555: Turning \x00\x00 into 10000$ (2021-07-07) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / CVE-2021-22555: Turning \x00\x00 into 10000$ (2021-07-07) |
CVE-2021-22555:Linux 内核提权导致 Docker 逃逸 (2021-07-23) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
With Friends like eBPF, who needs enemies? (Defcon 29) | | | |
Container Escape in 2021 (HITB 2021) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Container Escape in 2021 (HITB 2021) |
Container Escape in 2021 (KCon 2021) | 4,595 | 4 months ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Finding Azurescape – Cross-Account Container Takeover in Azure Container Instances (2021-09-09) | | | |
云原生安全攻防|使用eBPF逃逸容器技术分析与实践 (2021-11-03) | | | |
Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration (CVE-2021-43784, 2021-12-06) | 11,987 | 2 days ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Overflow in netlink bytemsg length field allows attacker to override netlink-based container configuration (CVE-2021-43784, 2021-12-06) |
Issue 2241: runc/libcontainer: insecure handling of bind mount sources | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Podman Time-of-check Time-of-use (TOCTOU) Race Condition (CVE-2023-0778) | | | |
Attacks are Forwarded: Breaking the Isolation of MicroVM-based Containers Through Operation Forwarding | | | |
Houdini’s Escape: Breaking the Resource Rein of Linux Control Groups (CCS 2019) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container / Houdini’s Escape: Breaking the Resource Rein of Linux Control Groups (CCS 2019) |
Houdini’s Escape: Breaking the Resource Rein of Linux Control Groups (Video) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.3 Container |
Docker组件间标准输入输出复制的DoS攻击分析 (网络信息安全学报 2020) | | | |
Demons in the Shared Kernel: Abstract Resource Attacks Against OS-level Virtualization (CCS 2021) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.4 Serverless |
Hacking Serverless Runtimes (Black Hat 2017) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.4 Serverless / Hacking Serverless Runtimes (Black Hat 2017) |
Hacking Serverless Runtimes (Whitepaper) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.4 Serverless |
Serverless Toolkit for Pentesters (2018-11-11) | | | |
Serverless Red Team Infrastructure: Part 1, Web Bugs (2018-09) | | | |
针对AWS Lambda的运行时攻击 (2020-12-02) | | | |
How We Escaped Docker in Azure Functions (2021-01-27) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.4 Serverless / How We Escaped Docker in Azure Functions (2021-01-27) |
Royal Flush: Privilege Escalation Vulnerability in Azure Functions (2021-04-08) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.4 Serverless |
RT又玩新套路,竟然这样隐藏C2 (2021-04-21) | | | |
CDN+FaaS打造攻击前置 (2021-08-11) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.6 Service Mesh |
A Survey of Istio’s Network Security Features (2020-03-04) | | | |
Istio访问授权再曝高危漏洞 (CVE-2020-8595, 2020-03-13) | | | |
Attack in a Service Mesh (CIS 2020) | 2,954 | 5 months ago | |
Istio Security Assessment (2021-07-13 (disclosed), 2020-08-06 (accomplished) by Istio with NCC Group) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.7 API Gateway |
腾讯蓝军安全提醒:开源云原生API网关Kong可能会成为攻击方进入企业内网的新入口(CVE-2020-11710) (2020-04-15) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.8 Windows Containers |
Well, That Escalated Quickly! How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in The Hypervisor via Shadow Containers (Black Hat 2017) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.8 Windows Containers / Well, That Escalated Quickly! How Abusing Docker API Led to Remote Code Execution, Same Origin Bypass and Persistence in The Hypervisor via Shadow Containers (Black Hat 2017) |
Well, That Escalated Quickly! (Whitepaper) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.8 Windows Containers |
What I Learned from Reverse Engineering Windows Containers (2019-12-12) | | | |
Windows Server Containers Are Open, and Here's How You Can Break Out (2020-07-15) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.8 Windows Containers / Windows Server Containers Are Open, and Here's How You Can Break Out (2020-07-15) |
PoC by James Forshaw (the author of post Who Contains the Containers?) | | | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.8 Windows Containers |
Who Contains the Containers? (Project Zero, 2021-04-01) | | | |
|
kube-hunter - Hunt for security weaknesses in Kubernetes clusters | 4,774 | 9 months ago | |
serverless_toolkit - A collection of useful Serverless functions I use when pentesting | 381 | about 2 years ago | |
kubesploit | 1,130 | 5 months ago | |
kubeletmein - Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers | 160 | about 1 year ago | |
CDK - Zero Dependency Container Penetration Toolkit | 3,976 | about 1 month ago | |
|
Zero Dependency Container Penetration Toolkit (Blackhat 2021) | 2,954 | 5 months ago | |
CDK: Also a Awesome BugBounty Tool for Cloud Platform (WHC 2021) | 2,954 | 5 months ago | |
|
Metarget - framework providing automatic constructions of vulnerable infrastructures | 1,113 | about 2 months ago | |
red-kube - Red Team K8S Adversary Emulation Based on kubectl | 817 | over 3 years ago | |
whoc - A container image that extracts the underlying container runtime | 130 | about 2 years ago | |
kdigger - A context discovery tool for Kubernetes penetration testing | 441 | 6 months ago | |
Awesome Cloud Native Security 🐿 / 1 Offensive / 1.9 Tools / kdigger - A context discovery tool for Kubernetes penetration testing |
Introduction to kdigger | | | |
Awesome Cloud Native Security 🐿 / 2 Defensive / 2.1 Standards and Benchmarks |
NIST.SP.800-190 Application Container Security Guide (2017-09-25) | | | |
NIST.IR.8176 Security Assurance Requirements for Linux Application Container Deployments (2017-10) | | | |
OWASP Container Security Verification Standard | 57 | over 5 years ago | |
CIS Kubernetes Benchmark | | | |
CIS Docker Benchmark | | | |
NIST.SP.800-204 Security Strategies for Microservices-based Application Systems (2019-08) | | | |
Awesome Cloud Native Security 🐿 / 2 Defensive / 2.1 Standards and Benchmarks / NIST.SP.800-204 Security Strategies for Microservices-based Application Systems (2019-08) |
NIST.SP.800-204B Attribute-based Access Control for Microservices-based Applications Using a Service Mesh (2021-08) | | | |
Awesome Cloud Native Security 🐿 / 2 Defensive / 2.2 Kubernetes |
Kubernetes中的异常活动检测 (KCon 2021) | 4,595 | 4 months ago | |
Awesome Cloud Native Security 🐿 / 2 Defensive / 2.3 Container |
Understanding and Hardening Linux Containers (2016-06-29) | | | |
探索Sysdig Falco:容器环境下的异常行为检测工具 (2019-09-25) | | | |
云原生之容器安全实践 (2020-03-12) | | | |
容器环境相关的内核漏洞缓解技术 (2020-08-31) | | | |
Detecting a Container Escape with Cilium and eBPF | | | |
Awesome Cloud Native Security 🐿 / 2 Defensive / 2.4 Secure Container |
Making Containers More Isolated: An Overview of Sandboxed Container Technologies (2019-06-06) | | | |
深度解析 AWS Firecracker 原理篇 – 虚拟化与容器运行时技术 (2019-12-09) | | | |
以Docker为代表的传统容器到了生死存亡之际 (2019-12-24) | | | |
Kata Containers创始人:安全容器导论 (2019-12-26) | | | |
Awesome Cloud Native Security 🐿 / 2 Defensive / 2.5 Network |
BASTION: A Security Enforcement Network Stack for Container Networks (USENIX 2020) | | | |
Awesome Cloud Native Security 🐿 / 2 Defensive / 2.6 Practices |
国外顶尖容器安全产品是怎么做的 (2020-12-04) | | | |
云原生|容器和应用安全运营实践思考 (2021-09-07) | | | |
|
docker-bench-security | 9,195 | about 2 months ago | |
kube-bench | 7,129 | 6 days ago | |
KubiScan | 1,329 | 8 days ago | |
Falco | 7,460 | 7 days ago | |
|
Bypass Falco (2020-11-20) | | | |
Detecting MITRE ATT&CK: Defense evasion techniques with Falco (2021-02-02) | | | |
Detecting MITRE ATT&CK: Privilege escalation with Falco (2021-03-02) | | | |
|
Elkeid - Elkeid is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture | 2,281 | 15 days ago | |
kubescape - kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA | 10,292 | 4 days ago | |
veinmind-tools | 1,538 | 11 months ago | |
cnspec - cloud-native security and policy project | | | |
Awesome Cloud Native Security 🐿 / 3 Incidents |
Lessons from the Cryptojacking Attack at Tesla (2018-02-20) | | | |
Graboid: First-Ever Cryptojacking Worm Found in Images on Docker Hub (2019-10-15) | | | |
Detect large-scale cryptocurrency mining attack against Kubernetes clusters (2020-04-08) | | | |
Coinminer, DDoS Bot Attack Docker Daemon Ports (2020-05-06) | | | |
Awesome Cloud Native Security 🐿 / 3 Incidents / Coinminer, DDoS Bot Attack Docker Daemon Ports (2020-05-06) |
TeamTNT团伙对Docker主机发起攻击活动,植入挖矿木马 (2020-08-04) | | | |
Team TNT – The First Crypto-Mining Worm to Steal AWS Credentials (2020-08-16) | | | |
Cetus: Cryptojacking Worm Targeting Docker Daemons (2020-08-27) | | | |
Black-T: New Cryptojacking Variant from TeamTNT (2020-10-05) | | | |
TeamTNT 挖矿木马利用Docker Remote API未授权访问漏洞入侵云服务器 (2020-11-27) | | | |
TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger (2020-12-18) | | | |
Hildegard: New TeamTNT Cryptojacking Malware Targeting Kubernetes (2021-02-03) | | | |
TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack (2021-05-25) | | | |
Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group (2021-06) | | | |
TeamTNT Actively Enumerating Cloud Environments to Infiltrate Organizations (2021-06-04) | | | |
TeamTNT with new campaign aka "Chimaera" (2021-09-08) | | | |
Team TNT Deploys Malicious Docker Image On Docker Hub (2021-10-07) | | | |
再次捕获云上在野容器攻击,TeamTNT黑产攻击方法揭秘 (2021-10-20) | | | |
Compromised Docker Hub Accounts Abused for Cryptomining Linked to TeamTNT (2021-11-09) | | | |
Awesome Cloud Native Security 🐿 / 3 Incidents |
Misconfigured Kubeflow workloads are a security risk (2020-06-10) | | | |
鉴权配置不当,蠕虫在自建K8s集群自由出入 (2020-09-16) | | | |
Siloscape: First Known Malware Targeting Windows Containers to Compromise Cloud Environments (2021-06-07) | | | |
NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign (2021-07-01) | | | |
Awesome Cloud Native Security 🐿 / 3 Incidents / NSA, Partners Release Cybersecurity Advisory on Brute Force Global Cyber Campaign (2021-07-01) |
Russian GRU Conducting Global Brute Force Campaign to Compromise Enterprise and Cloud Environments (2021-07) | | | |
Awesome Cloud Native Security 🐿 / 3 Incidents |
DockerHub再现百万下载量黑产镜像,小心你的容器被挖矿 (2021-08-30) | | | |
Misconfigured Kafdrop Puts Companies’ Apache Kafka Completely Exposed (2021-12-06) | | | |