Abstract

Docker Exploitation Framework is a cross-platform framework that is focused on attacking container environment (think kubernetes, docker etc). It can identify vulnerabilities, misconfigurations, and potential attack vectors. It also helps to automate different stages of a successful kill-chain through features such as:

• Vulnerability Scanning
• Container breakouts
• Pod2Pod Lateral movement
• File layers deep inspection and extraction
• Attack Surface discovery and mapping
• Privilege Escalation etc

It uses a agent/server architecture. The agents are modular and are designed to be portable with minimal dependencies for maximum compatibility in restricted containers. This is a tool created for pentesters and red teamers.