工具集合:
后渗透:Kubesploit : https://github.com/cyberark/kubesploit
后渗透:k0otkit: https://github.com/Metarget/k0otkit
安全评估:Red Kube :https://github.com/lightspin-tech/red-kube
容器攻击工具:ccat : https://github.com/RhinoSecurityLabs/ccat
安全测试:Kubestriker :https://github.com/vchinnipilli/kubestriker
提升权限和横向运动:peirates:
peirates: Kubernetes Penetration Testing tool ? Penetration Testing
地址
GitHub - aquasecurity/kube-hunter: Hunt for security weaknesses in Kubernetes clusters
pip3安装后通过kube-hunter进入交互式界面
扫描master
扫描node