Attacking and Auditing Docker Containers and Kubernetes Clusters
Popular Attacks
Dockerhub 190k accounts
Cryptojacking using public docker containers
Dockerhub known vulnerable images
BSidesSF CTF cluster pwn
Shopify metadata to cluster pwn