kube-pod-escape
Host log exploit
An exploit allowing unauthorized access to sensitive data on a host machine through Kubernetes logs
Kubernetes POC for utilizing write mount to /var/log for getting a root on the host
92 stars
5 watching
14 forks
Language: Python
last commit: about 4 years ago
Linked from 1 awesome list
metarget/awesome-cloud-native-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 bgeesaman/subpath-exploit | Demonstrates an escape vulnerability in Kubernetes allowing privileged access to a pod through symlinks | 35 |
 bishopfox/badpods | A collection of Kubernetes pod manifests demonstrating the impact of elevated privileges on security and functionality. | 599 |
 caiobegotti/pod-dive | Provides a tool to inspect and view details of pods on Kubernetes nodes | 58 |
 cyberark/kubesploit | A cross-platform post-exploitation toolset for containerized environments | 1,122 |
 keikoproj/kube-forensics | Tool to create checkpoint snapshots of running Kubernetes pods for forensic analysis after termination. | 221 |
 darryk10/cve-2021-25735 | An exploit demonstrating a Kubernetes validation admission webhook bypass vulnerability | 18 |
 zjj2wry/kubectl-login | A kubernetes authentication plugin that provides oidc-based login functionality | 1 |
 jpdasma/kubectl-exec-all | Tool to execute commands in all containers of a given Kubernetes resource | 4 |
 danigargu/cve-2020-0796 | An exploit tool for a Windows SMBv3 vulnerability | 1,304 |
 yokawasa/kubectl-plugin-ssh-jump | A tool to access Kubernetes nodes or remote services through an intermediary SSH gateway | 176 |
 towolf/kubectl-nsenter | A tool that allows debugging and interaction with pods in Kubernetes | 11 |
 makocchi-git/kubectl-free | A tool that displays resource usage of pods on Kubernetes nodes in a format similar to the `free` command. | 22 |
 marjamis/kubectl-kcn | Makes it easier to remotely access nodes within a Kubernetes cluster | 4 |
 yggheim/k | A tool to easily execute commands inside a Kubernetes pod from the command line | 15 |
 trsnium/kubectl-texec | An extension to kubectl that allows attaching a Tmux session to a running pod | 1 |