Skip to content
/ kind-of-insecure Public

Deliberately insecure Kubernetes test clusters built using kind

11 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

raesene/kind-of-insecure

BranchesTags

Repository files navigation

Kind of Insecure

Collection of kind configuration files that can be used to create deliberately vulnerable clusters, for the purposes of security testing/training.

Each cluster has a single vulnerability which can be exploited.

Config Description
insecure-port.yaml Insecure port enabled on the API server
etcd.yaml Client authentication disabled on the ETCD server
unauthenticated-rw-kubelet.yaml Read/Write Kubelet port (10250/TCP) available without authentication
ro-kubelet.yaml Read-Only kubelet port (10255/TCP) available without authentication
  • After installing kind, each test cluster can be brought up using a command like: kind --config insecure-port.yaml --name insecure create cluster
  • You can then find out the IP address of the container on the docker0 network with: docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' insecure-control-plane

About

Deliberately insecure Kubernetes test clusters built using kind

Resources

Readme
Activity

Stars

11 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •