Kubernetes-goat

kubernetes-goat

제품 정보

즐겨찾기

오픈소스 사용 사례

공개 채팅

지원 계획

현재 사용할 수 있는 OSS 플랜이 없습니다.

저장소의 제공자 또는 기여자인 경우 OSS 플랜 추가를 시작할 수 있습니다.

OSS 플랜 추가
여기에서 자세히 알아보세요

이 오픈소스에 대한 플랜을 찾고 있다면 저희에게 문의해 주세요.

전문 공급자와 연락하실 수 있도록 도와드리겠습니다.

제품 세부 정보

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground

Kubernetes Goat

Kubernetes Goat

✨ The Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security 🚀

🙌 Refer to https://madhuakula.com/kubernetes-goat for the guide 📖

Netlify Status License: MIT GitHub release Github Stars PRs Welcome Docker Pulls Kubernetes Goat Twitter Discord

Kubernetes Goat Home

🧰 Setting up Kubernetes Goat

  • Ensure you have admin access to the Kubernetes cluster and installed kubectl. Refer to the docs for installation

  • Ensure you have the helm package manager installed. Refer to the docs for installation

  • To set up the Kubernetes Goat resources in your cluster, run the following commands:

git clone https://github.com/madhuakula/kubernetes-goat.git
cd kubernetes-goat
chmod +x setup-kubernetes-goat.sh
bash setup-kubernetes-goat.sh
  • Ensure the pods are running before running the access script
kubectl get pods

all pods running in kubectl get pods

  • Access Kubernetes Goat by exposing the resources to the local system (port-forward) by the following command:
bash access-kubernetes-goat.sh

Refer to https://madhuakula.com/kubernetes-goat/docs/how-to-run for setting up Kubernetes Goat in various environments like GKE, EKS, AKS, K3S, KIND, etc.

🏆 Scenarios

  1. Sensitive keys in codebases
  2. DIND (docker-in-docker) exploitation
  3. SSRF in the Kubernetes (K8S) world
  4. Container escape to the host system
  5. Docker CIS benchmarks analysis
  6. Kubernetes CIS benchmarks analysis
  7. Attacking private registry
  8. NodePort exposed services
  9. Helm v2 tiller to PwN the cluster - [Deprecated]
  10. Analyzing crypto miner container
  11. Kubernetes namespaces bypass
  12. Gaining environment information
  13. DoS the Memory/CPU resources
  14. Hacker container preview
  15. Hidden in layers
  16. RBAC least privileges misconfiguration
  17. KubeAudit - Audit Kubernetes clusters
  18. Falco - Runtime security monitoring & detection
  19. Popeye - A Kubernetes cluster sanitizer
  20. Secure network boundaries using NSP
  21. Cilium Tetragon - eBPF-based Security Observability and Runtime Enforcement
  22. Securing Kubernetes Clusters using Kyverno Policy Engine

📖 Documentation Guide

Here is the detailed step by step guide for learning and using Kubernetes Goat 🎉: documentation guide

Kubernetes Goat Documentation Guide

Reference: https://madhuakula.com/kubernetes-goat

⚠️ Disclaimer

Kubernetes Goat has intentionally created vulnerabilities, applications, and configurations to attack and gain access to your cluster and workloads. Please DO NOT run this alongside your production environments and infrastructure. We highly recommend running this in a safe and isolated (contained) environment.

Kubernetes Goat is used for educational purposes only. Do not test or apply these attacks on any systems without permission. Kubernetes Goat comes with absolutely no warranties, by using it you take full responsibility for all outcomes.

📝 License

MIT

✨ Acknowledgements

Thanks to to these wonderful people: 🎉

madhuakula
madhuakula
phpsystems
phpsystems
adamhurm
adamhurm
malwareowl
malwareowl
za
za
0xCardinal
0xCardinal
dependabot[bot]
dependabot[bot]
davi-cruz
davi-cruz
mkcn
mkcn
rewanthtammana
rewanthtammana
nayanballa08
nayanballa08
gvoden
gvoden
avicoder
avicoder
macagr
macagr
commjoen
commjoen
ravenium
ravenium
podjackel
podjackel
hexachordanu
hexachordanu
bzd111
bzd111
William-LP
William-LP
wurstbrot
wurstbrot
suneshgovind
suneshgovind
SumoSumir
SumoSumir
smoyer64
smoyer64
pichuang
pichuang
nmiekley
nmiekley
NF997
NF997
Like0x
Like0x
AmeerAssadi
AmeerAssadi
apvarun
apvarun
ant4g0nist
ant4g0nist

문의하기

  • 비즈니스 개발자를 위한 최신 정보를 원하십니까? 소스 코드 프로젝트에 대한 PieceX 커뮤니티의 요구사항을 알아보세요. PieceX의 최신 무료 커뮤니티 코드를 빠르게 알려드립니다.
PieceX Logo