Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

Kind of Insecure

Collection of kind configuration files that can be used to create deliberately vulnerable clusters, for the purposes of security testing/training.

Each cluster has a single vulnerability which can be exploited.

Config Description
insecure-port.yaml Insecure port enabled on the API server
etcd.yaml Client authentication disabled on the ETCD server
unauthenticated-rw-kubelet.yaml Read/Write Kubelet port (10250/TCP) available without authentication
ro-kubelet.yaml Read-Only kubelet port (10255/TCP) available without authentication
  • After installing kind, each test cluster can be brought up using a command like: kind --config insecure-port.yaml --name insecure create cluster
  • You can then find out the IP address of the container on the docker0 network with: docker inspect -f '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' insecure-control-plane

About

Deliberately insecure Kubernetes test clusters built using kind

Resources

Releases

No releases published

Packages

No packages published