Review of Hacking and Securing Kubernetes

A tale of learning to hack and secure the world of containers. Course Link: https://theoffensivelabs.com/p/hacking-and-securing-kubernetes-clusters


Last updated 1 year ago


I love learning new things, and with great knowledge comes great responsibility to share the source of the knowledge. I recently came across a course called Hacking and Securing Kubernetes and it instantly caught my eye, as it was one of the few things that was on my long wish list to learn.

TLDR; If you're interested in registering for the course, check this link: https://theoffensivelabs.com/p/hacking-and-securing-kubernetes-clusters

What's Kubernetes?

Kubernetes is a container orchestration platform that lets you maintain container-based applications at scale. It was open-sourced by Google in the early 2000s.

Why should I care?

Well, containers are taking the application development life cycle by storm. I can probably take the liberty of drawing a line from smartphones displacing pagers to the current container ecosystem overtaking the traditional development and deployment life cycle.

Kubernetes reduces cost and increases reliability and flexibility, making it a great choice for teams. Security of the environment is of paramount importance, as organisations are well aware of the optics of data leakage in the current arena.

So if you're a pentester, it's important to understand the best practices to be followed in a containerized environment.

Intended Audience & Prerequisites?

You'd need to know the basics of containerization and the basics of how web applications and routing work. This course is intended for:

  • Developers who want to learn to secure their application environment

  • Penetration testing teams who want to secure their organisation

  • Security researchers and consultants who want to secure their clients

Course content

The course content covers everything from the basics of setting up a cluster to owning the underlying host, moving laterally and compromising the master node. One of the best parts of the course, and the one that fascinated me, was the defenses section, which covered various mechanisms like seccomp, AppArmor, admission controllers and role-based access control (to name a few).

What was covered?

The following is the exhaustive list of topics that were covered as part of the course.

  • Introduction to Kubernetes

  • Common terms and tools of trade for controlling the setup

  • Vulnerable application based lab setup and verification

  • Attack surface of Kubernetes

  • Concepts of authentication, authorization, access control inside a cluster

  • Penetration testing of a cluster setup

  • Post exploitation and lateral movement techniques

  • Breaking out of a cluster to own the master node

  • Various commonly found misconfigurations in Kubernetes setups

  • Automated VAPT of clusters

  • Various defenses to secure cluster against the bad guys.

Review

Pros

  • The course content was really good. The trainer went straight to the point without discussing generic "Why information security" content (meh! I hate it when people do it all the time)

  • The content was on par with some reputed internal conference trainings and the content was articulated well.

  • Their support was really awesome. The team was always available through discord to support me through issues in setting up labs and other queries.

  • Unlike other courses, the defenses section for blue teams was also covered exhaustively.

Cons

  • I wish there were hands-on labs associated with the course; I'd not hesitate to pay a few extra bucks for that. However, the walk-throughs for the hands-on in the videos were quite sufficient.

Verdict

If you're looking to invest in learning, there's no better time. If you're interested in learning about Kubernetes security, I'd suggest you sign up at https://theoffensivelabs.com.

Disclaimer: I'm nowhere associated with the offensive labs. Don't direct your queries to me ;) You can ping them at
