Docker Exploitation Framework

#exploitation #container-security #docker #kubernetes #cloud-pentesting #privilege-escalation #lateral-movement

Focus Areas: 📦 Software Supply Chain Security , ☁️ Cloud Security , 🎯 Penetration Testing

This tool demo covers following tools where the speaker has contributed or authored
DOCKER EXPLOITATION FRAMEWORK

Abstract

Docker Exploitation Framework is a cross-platform framework that is focused on attacking container environment (think kubernetes, docker etc). It can identify vulnerabilities, misconfigurations, and potential attack vectors. It also helps to automate different stages of a successful kill-chain through features such as:

Vulnerability Scanning
Container breakouts
Pod2Pod Lateral movement
File layers deep inspection and extraction
Attack Surface discovery and mapping
Privilege Escalation etc

It uses a agent/server architecture. The agents are modular and are designed to be portable with minimal dependencies for maximum compatibility in restricted containers. This is a tool created for pentesters and red teamers.