Skip to content
/ redk8s Public

Collection of k8s exploition tools in an Ubuntu container

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

edenberger/redk8s

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
manifests
manifests
 
 
static
static
 
 
tmp
tmp
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
get_bins.sh
get_bins.sh
 
 

Repository files navigation

redk8s

Collection of k8s exploitation tools in an Ubuntu container

Heavly changed from alpine-containertools.

The tools that were added to this image

amicontained - Container introspection tool. Find out what container runtime is being used as well as features available.
botb - A container analysis and exploitation tool for pentesters and engineers.
conmachi - Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container.
deepce.sh - Docker Enumeration, Escalation of Privileges and Container Escapes.
undock.sh
keyctl-unmask - Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.
ed - Ed is a tool used to identify and exploit accessible UNIX Domain Sockets.
auger - Directly access data objects stored in etcd by kubernetes.
etcdctl - etcdctl is a command line client for etcd.
kubectl - Command line tool for communicating with a Kubernetes cluster's control plane.
kubectl-who-can - Show who has RBAC permissions to perform actions on different resources in Kubernetes.
kubeletctl - A client for kubelet.
kubetcd - Post-exploit a compromised etcd, gain persistence and remote shell to nodes.
rakkess - Review Access: kubectl plugin to show an access matrix for k8s server resources.
rbac-tool - Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query.
kube-hunter - Hunt for security weaknesses in Kubernetes clusters.
red-kube - Red Team K8S Adversary Emulation Based on kubectl.
reg - Docker registry v2 command line client and repo listing generator with security checks.
kdigger - Kubernetes focused container assessment and context discovery tool for penetration testing.
kubesploit - Cross-platform post-exploitation HTTP/2 Command & Control, focused on containerized environments.

Preprequisites to build this image on Ubuntu

docker.io
docker-buildx
make
git
wget

Build and run instructions

git clone github.com/edenberger/redk8s
cd redk8s
make build
make run
make exec

If you're running it for the lab github.com/edenberger/kube_security_lab, after you set up the lab, run

git clone github.com/edenberger/redk8s
cd redk8s
make build
make lab
make exec

About

Collection of k8s exploition tools in an Ubuntu container

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages