Hackers of India

Kubernetes Goat: Interactive Kubernetes Security Learning Playground

By  Madhu Akula  on 11 May 2023 @ Blackhat : Arsenal

This Tool Demo covers following tools where the speaker has contributed or authored
KUBERNETES GOAT

Abstract

Kubernetes Goat is a “vulnerable by design” Kubernetes Cluster environment to practice and learn about Kubernetes Security. It has step by step detailed guide and digital book on how to get started with Kubernetes Goat by exploring different vulnerabilities in Kubernetes Cluster and Containerized environments. Also, it has scenarios taken from the real-world vulnerabilities and maps the Kubernetes Goat scenarios. The complete documentation and instruction to practice Kubernetes Security for performing security assessments, pentesting, and in general Kubernetes Security. As a defender you will see how we can learn these attacks, misconfigurations to understand and improve your cloud-native infrastructure security posture.

Some of the high-level scenarios include, but are not limited to

  1. Sensitive keys in code-bases
  2. DIND (docker-in-docker) exploitation
  3. SSRF in K8S world
  4. Container escape to access host system
  5. Docker CIS Benchmarks analysis
  6. Kubernetes CIS Benchmarks analysis
  7. Attacking private registry
  8. NodePort exposed services
  9. Helm v2 tiller to PwN the cluster
  10. Analysing crypto miner container
  11. Kubernetes Namespaces bypass
  12. Gaining environment information
  13. DoS the memory/CPU resources
  14. Hacker Container preview
  15. Hidden in layers
  16. RBAC Least Privileges Misconfiguration
  17. KubeAudit - Audit Kubernetes Clusters
  18. Sysdig Falco - Runtime Security Monitoring & Detection
  19. Popeye - A Kubernetes Cluster Sanitizer
  20. Secure network boundaries using NSP