Command and KubeCTL - Real-World Kubernetes Security for Pentesters

Explore real-world Kubernetes security challenges and attack techniques in this comprehensive conference talk from Shmoocon 2020. Dive into tactics, tools, and methodologies for assessing and exploiting Kubernetes clusters, including intercepting service mesh traffic, evading runtime syscall filters, and exploiting custom sidecars. Learn about chaining attacks from compromising build environments to exploiting production applications. Gain practical advice and guidance based on experience from hundreds of containerized environment reviews. Discover the intricacies of container breakouts, attack simulations, devops pipeline architecture reviews, and working with developers on applications leveraging containerization technologies. Cover essential topics such as namespace isolation, Linux kernel controls, syscall filtering, and integration with Docker and Kubernetes. Understand the threat model, direct access challenges, node pools, and service exploits in Kubernetes environments. Explore KubeCTL roles, attack pods, pod security policies, and serverside request forgery. Delve into multi-tenant environments, isolation models, and crucial next steps for enhancing Kubernetes security.