Skip to content
Kubernetes security notes and best practices
Shell Smarty Python
Branch: master
Clone or download
Latest commit 1c6e786 Aug 19, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
attacks/helm add helm chart guide Aug 19, 2019
demo Add attacks demo Aug 14, 2019
imgs add picture Aug 11, 2019
k8numerate add k8enumerate README Aug 13, 2019
ATTACKER.md add helm chart guide Aug 19, 2019
FLAGS.md add authz flags Aug 12, 2019
HARDENING.md fix typo Aug 14, 2019
NOTES.md add subresource filed to interesting fields Aug 14, 2019
README.md fix internship reference Aug 19, 2019
VULN.md add some vuns Aug 13, 2019

README.md

Kubernetes security

This repo is a collection of kubernetes security stuff and research.

The research was conducted during Summ3r 0f h4ck traineeship.

Overview

  • Security notes

    In-depth research about security of kubernetes features and misconfigurations. Source for all documents below

  • Security hardening and best practices

    A "must do"/best practices list of things to make attacker's life hard

  • Security flags checklist

    A checklist of flags to quickly test if your cluster has security features enabled.

  • Attacker's guide

    A guide for attacker: what to do if he gets to pod/cluster.

    Also, some attacks included

  • Vulnerabilities

    Page with sources for security announces and previous vulnerabilities

Tools

  • k8numerator

    Script for enumerating services in kubernetes cluster. Common services dictionary provided.

Slides

References

You can’t perform that action at this time.