This scenario runs the Docker CIS benchmarks analysis on the Kubernetes nodes to identify possible security vulnerabilities.
- To get started with this scenario, you can either access the node and run the checks by following docker bench security, or run the following commands to deploy docker bench security as a DaemonSet
kubectl apply -f scenarios/docker-bench-security/deployment.yaml
kubectl get daemonsets
- Access each docker-bench-security-xxxxx pod (how many there are depends on how many nodes you have in the Kubernetes cluster) and run the Docker CIS benchmarks
kubectl exec -it docker-bench-security-xxxxx -- sh
cd docker-bench-security
- Run the Docker CIS benchmarks script
- Now, based on the vulnerabilities reported by the Docker CIS benchmarks, you can proceed with further exploitation
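
One way to triage the benchmark output from the last two steps, as an added example that is not part of the original scenario: it strips colour codes, lists each WARN check id and counts warnings per CIS section. It assumes the tool's usual "[LEVEL] id - description" result lines; the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage docker-bench-security output read from stdin.
# Assumption: result lines look like "[WARN] 2.1 - description", optionally
# wrapped in ANSI colour codes.

# Print "id<TAB>description" for every WARN line that carries a check id.
# Detail lines such as "[WARN]      * Running as root: ..." are skipped.
bench_warnings() {
    esc=$(printf '\033')
    sed "s/${esc}\[[0-9;]*m//g" | awk '
        $1 == "[WARN]" && $2 ~ /^[0-9]+(\.[0-9]+)*$/ {
            desc = $0
            sub(/^\[WARN\] +[0-9.]+ +- +/, "", desc)
            printf "%s\t%s\n", $2, desc
        }'
}

# Count WARN findings per top-level CIS section, sorted by section number.
bench_section_counts() {
    bench_warnings | awk -F'\t' '
        { split($1, part, "."); count[part[1]]++ }
        END { for (s in count) printf "section %s: %d WARN\n", s, count[s] }
    ' | sort -k2n
}

# Constructed sample output (ids and titles are illustrative).
sample_output() {
    esc=$(printf '\033')
    cat <<EOF
${esc}[1;34m[INFO]${esc}[0m 1 - Host Configuration
${esc}[1;31m[WARN]${esc}[0m 1.1.1 - Ensure a separate partition for containers has been created
${esc}[1;32m[PASS]${esc}[0m 1.1.2 - Ensure only trusted users are allowed to control Docker daemon
${esc}[1;34m[INFO]${esc}[0m 2 - Docker daemon configuration
${esc}[1;31m[WARN]${esc}[0m 2.1 - Ensure network traffic is restricted between containers
${esc}[1;31m[WARN]${esc}[0m 2.8 - Enable user namespace support
${esc}[1;31m[WARN]${esc}[0m      * Running as root: constructed-container
EOF
}

# Demo on the constructed sample; on a node, pipe the script's real output in.
sample_output | bench_section_counts
```

Comparing the per-section counts across the pods shows which nodes deviate from the rest of the cluster.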