Brad Geesaman's repositories
kube-env-stealer
Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env
malicious-compliance
Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"
subpath-exploit
Writeup of CVE-2017-1002101 with sample "exploit"/escape
registry-search-order
Landing page for those who "accidentally" ran a container image from an org-squatted container registry location
cve-2018-1002105
PoC command injection example for cve-2018-1002105 based off https://github.com/gravitational/cve-2018-1002105
go-webshell
A simple webshell written in Go.
lonimbus.com
At the intersection of cloud technologies, devops, security, and infrastructure as code.