Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details

All Projects → madhuakula → Kubernetes Goat

madhuakula / Kubernetes Goat

Licence: mit

Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Labels

html docker security kubernetes hacking microservices pentesting container infrastructure devsecops

Projects that are alternatives of or similar to Kubernetes Goat

Hacker Container

Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters

Stars: ✭ 105 (-87.9%)

Mutual labels: hacking, pentesting, container

Docker Security Images

🔐 Docker Container for Penetration Testing & Security

Stars: ✭ 172 (-80.18%)

Mutual labels: pentesting, devsecops, container

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.

Stars: ✭ 636 (-26.73%)

Mutual labels: hacking, pentesting

Security whitepapers

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

Stars: ✭ 644 (-25.81%)

Mutual labels: hacking, pentesting

Lockdoor Framework

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

Stars: ✭ 677 (-22%)

Mutual labels: hacking, pentesting

Advanced Web Shell

Stars: ✭ 551 (-36.52%)

Mutual labels: hacking, pentesting

Passphrase Wordlist

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Stars: ✭ 556 (-35.94%)

Mutual labels: hacking, pentesting

Web path scanner

Stars: ✭ 7,246 (+734.79%)

Mutual labels: hacking, pentesting

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Stars: ✭ 6,270 (+622.35%)

Mutual labels: hacking, pentesting

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

Stars: ✭ 775 (-10.71%)

Mutual labels: hacking, pentesting

Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

Stars: ✭ 764 (-11.98%)

Mutual labels: hacking, pentesting

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

Stars: ✭ 786 (-9.45%)

Mutual labels: hacking, pentesting

Red Teaming Toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Stars: ✭ 5,615 (+546.89%)

Mutual labels: hacking, pentesting

Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.

Stars: ✭ 509 (-41.36%)

Mutual labels: hacking, pentesting

Hacking Toolkit

Stars: ✭ 635 (-26.84%)

Mutual labels: hacking, pentesting

Linkedin2username

OSINT Tool: Generate username lists for companies on LinkedIn

Stars: ✭ 504 (-41.94%)

Mutual labels: hacking, pentesting

Phishing Frenzy

Ruby on Rails Phishing Framework

Stars: ✭ 643 (-25.92%)

Mutual labels: hacking, pentesting

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Stars: ✭ 9,116 (+950.23%)

Mutual labels: hacking, pentesting

Useful tools and scripts during Penetration Testing engagements

Stars: ✭ 463 (-46.66%)

Mutual labels: hacking, pentesting

All releases of the security research group (a.k.a. hackers) The Hacker's Choice

Stars: ✭ 474 (-45.39%)

Mutual labels: hacking, pentesting

View All Similar Projects ➔

Kubernetes Goat

The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.

Refer to https://madhuakula.com/kubernetes-goat for the guide.

Recent Kubernetes Goat Presentations

OWASP Bay Area Meetup

DEFCON Red Team Village

EkoParty 2020 - DevSecOps

🎲 Just click and Play in the browser for free using Katacoda Playground - Try now

https://katacoda.com/madhuakula/scenarios/kubernetes-goat

⚙️ Setting up Kubernetes Goat

Before we set up the Kubernetes Goat, ensure that you have created and have admin access to the Kubernetes cluster

kubectl version --short

Set up the helm version 2 in your path as helm2. Refer to helm releases for more information about setup

helm2 --help

Then finally setup Kubernetes Goat by running the following command

git clone https://github.com/madhuakula/kubernetes-goat.git
cd kubernetes-goat
bash setup-kubernetes-goat.sh

To export the ports/services locally to start learning, run the following command

bash access-kubernetes-goat.sh

Then navigate to http://127.0.0.1:1234

Kubernetes Goat - KIND setup

If you want to setup Kubernetes Goat using KIND, refer to kind-setup

🏁 Scenarios

Sensitive keys in code-bases
DIND (docker-in-docker) exploitation
SSRF in K8S world
Container escape to access host system
Docker CIS Benchmarks analysis
Kubernetes CIS Benchmarks analysis
Attacking private registry
NodePort exposed services
Helm v2 tiller to PwN the cluster
Analysing crypto miner container
Kubernetes Namespaces bypass
Gaining environment information
DoS the memory/CPU resources
Hacker Container preview

❤️ Showcase

Presented at OWASP Bay Area Meetup at https://youtu.be/DQllxpb46Yw
Presented at DEF CON RED Team Village https://youtu.be/aEaSZJRbnTo
Presented at OWASP San Diego at https://www.meetup.com/Open-Web-Application-Security-Project-San-Diego-OWASP-SD/events/hmbbkrybckbvb/
Featured in the official Kubernetes Podcast at https://kubernetespodcast.com/episode/109-kubermatic
Featured in tl;dr sec https://tldrsec.com/blog/tldr-sec-039
Featured in CloudSecList https://cloudseclist.com/issues/issue-42
Presented at EkoParty 2020 DevSecOps https://youtu.be/XqwbVU-gtng
Presented at c0c0cn 2020 https://india.c0c0n.org/2020/speakers#madhu_akula
Featured in Info Ck YouTube channel https://youtu.be/5ojho4L6Xfo
Presented in Cloud Native Indonesia Meetup https://youtu.be/pf5jOGWoWU0

⚠️ Disclaimer

Kubernetes Goat creates intentionally vulnerable resources into your cluster. DO NOT deploy Kubernetes Goat in a production environment or alongside any sensitive cluster resources.

Kubernetes Goat comes with absolutely no warranties whatsoever. By using Kubernetes Goat, you take full responsibility for all outcomes that result.

✨ Contributors

Thanks goes to these wonderful people 🎉

madhuakula

macagr

NF997

smoyer64

wurstbrot

podjackel

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].

Stars: ✭ 868

Visit Git Page 🔗Visit User Page 🔗Visit Issues Page (6) 🔗