madhuakula / Kubernetes Goat
Licence: mit
Kubernetes Goat is a "Vulnerable by Design" Kubernetes cluster: an intentionally vulnerable cluster environment for learning and practicing Kubernetes security.
Stars: ✭ 868
Projects that are alternatives of or similar to Kubernetes Goat
Hacker Container
Container with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-87.9%)
Mutual labels: hacking, pentesting, container
Docker Security Images
🔐 Docker Container for Penetration Testing & Security
Stars: ✭ 172 (-80.18%)
Mutual labels: pentesting, devsecops, container
Powershell Rat
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-26.73%)
Mutual labels: hacking, pentesting
Security whitepapers
Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-25.81%)
Mutual labels: hacking, pentesting
Lockdoor Framework
🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources
Stars: ✭ 677 (-22%)
Mutual labels: hacking, pentesting
Passphrase Wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-35.94%)
Mutual labels: hacking, pentesting
Juice Shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+622.35%)
Mutual labels: hacking, pentesting
Dumpsterfire
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-10.71%)
Mutual labels: hacking, pentesting
Evillimiter
Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.
Stars: ✭ 764 (-11.98%)
Mutual labels: hacking, pentesting
Privesc
A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-9.45%)
Mutual labels: hacking, pentesting
Red Teaming Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+546.89%)
Mutual labels: hacking, pentesting
Security Tools
Collection of small security tools, mostly in Bash and Python. CTFs, Bug Bounty and other stuff.
Stars: ✭ 509 (-41.36%)
Mutual labels: hacking, pentesting
Linkedin2username
OSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (-41.94%)
Mutual labels: hacking, pentesting
Phishing Frenzy
Ruby on Rails Phishing Framework
Stars: ✭ 643 (-25.92%)
Mutual labels: hacking, pentesting
Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+950.23%)
Mutual labels: hacking, pentesting
Pentestkit
Useful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (-46.66%)
Mutual labels: hacking, pentesting
Thc Archive
All releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (-45.39%)
Mutual labels: hacking, pentesting
Kubernetes Goat
The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Refer to https://madhuakula.com/kubernetes-goat for the guide.
Recent Kubernetes Goat Presentations
OWASP Bay Area Meetup
DEFCON Red Team Village
EkoParty 2020 - DevSecOps
Try now
🎲 Just click and play in the browser for free using Katacoda Playground - https://katacoda.com/madhuakula/scenarios/kubernetes-goat
⚙️ Setting up Kubernetes Goat
- Before setting up Kubernetes Goat, ensure that you have created a Kubernetes cluster and have admin access to it
kubectl version --short
- Set up Helm version 2 in your path as helm2. Refer to helm releases for more information about setup
helm2 --help
- Finally, set up Kubernetes Goat by running the following commands
git clone https://github.com/madhuakula/kubernetes-goat.git
cd kubernetes-goat
bash setup-kubernetes-goat.sh
- To export the ports/services locally to start learning, run the following command
bash access-kubernetes-goat.sh
- Then navigate to http://127.0.0.1:1234
Kubernetes Goat - KIND setup
- If you want to set up Kubernetes Goat using KIND, refer to kind-setup
🏁 Scenarios
- Sensitive keys in code-bases
- DIND (docker-in-docker) exploitation
- SSRF in K8S world
- Container escape to access host system
- Docker CIS Benchmarks analysis
- Kubernetes CIS Benchmarks analysis
- Attacking private registry
- NodePort exposed services
- Helm v2 tiller to PwN the cluster
- Analysing crypto miner container
- Kubernetes Namespaces bypass
- Gaining environment information
- DoS the memory/CPU resources
- Hacker Container preview
❤️ Showcase
- Presented at OWASP Bay Area Meetup at https://youtu.be/DQllxpb46Yw
- Presented at DEF CON RED Team Village https://youtu.be/aEaSZJRbnTo
- Presented at OWASP San Diego at https://www.meetup.com/Open-Web-Application-Security-Project-San-Diego-OWASP-SD/events/hmbbkrybckbvb/
- Featured in the official Kubernetes Podcast at https://kubernetespodcast.com/episode/109-kubermatic
- Featured in tl;dr sec https://tldrsec.com/blog/tldr-sec-039
- Featured in CloudSecList https://cloudseclist.com/issues/issue-42
- Presented at EkoParty 2020 DevSecOps https://youtu.be/XqwbVU-gtng
- Presented at c0c0n 2020 https://india.c0c0n.org/2020/speakers#madhu_akula
- Featured in Info Ck YouTube channel https://youtu.be/5ojho4L6Xfo
- Presented in Cloud Native Indonesia Meetup https://youtu.be/pf5jOGWoWU0
⚠️ Disclaimer
Kubernetes Goat creates intentionally vulnerable resources in your cluster. DO NOT deploy Kubernetes Goat in a production environment or alongside any sensitive cluster resources.
Kubernetes Goat comes with absolutely no warranties whatsoever. By using Kubernetes Goat, you take full responsibility for all outcomes that result.
✨ Contributors
Thanks go to these wonderful people 🎉
- madhuakula
- macagr
- NF997
- smoyer64
- wurstbrot
- podjackel