r0binak

Sergey K.'s starred repositories

kubernetes

Production-Grade Container Scheduling and Management

Language:GoApache-2.0108861 3221 45537

traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Language:GoMIT6574 125 42

OpenLens

OpenLens Binary Build Repository

Language:JavaScript3937 36 120

CDK

📦 Make security testing of K8s, Docker, and Containerd easier.

Language:GoApache-2.03781 70 43

kubetools

Kubetools - Curated List of Kubernetes Tools

Language:HTMLApache-2.02656 71 135

cloudfox

Automating situational awareness for cloud penetration tests.

Language:GoMIT1861 28 21

cvemap

Navigate the CVE jungle with ease.

Language:GoMIT1565 23 45

microcks

The open source, cloud native tool for API Mocking and Testing. Microcks is a Cloud Native Computing Foundation sandbox project 🚀

Language:JavaApache-2.01295 24 939

AutoPWN-Suite

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

Language:PythonNOASSERTION903 28 28

DDexec

A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.

Language:ShellGPL-3.0788 14 10

KubeHound

Tool for building Kubernetes attack paths

Language:GoApache-2.0705 15 23

security-labs-pocs

Proof of concept code for Datadog Security Labs referenced exploits.

Language:CNOASSERTION414 39 1

awesome-kubernetes-threat-detection

A curated list of resources about detecting threats and defending Kubernetes systems.

351 100

CVE-2022-2992

Authenticated Remote Command Execution in Gitlab via GitHub import

Language:Python220 4 1

MTKPI

🧰 Multi Tool Kubernetes Pentest Image

Language:ShellMIT203 5 1

sbom-operator

Catalogue all images of a Kubernetes cluster to multiple targets with Syft

Language:GoMIT186 6 41

KubeLight

OWASP Kubernetes security and compliance tool [WIP]

Language:PythonApache-2.0100 8 7

Falco-bypasses

Research on various techniques to bypass default falco ruleset (based on falco v0.28.1).

Language:CMIT78 100

kubetcd

Post-exploit a compromised etcd, gain persistence and remote shell to nodes.

Language:GoApache-2.065 6 1

malicious-compliance

Supporting code and demos for KubeCon EU 2023 talk "Malicious Compliance: Reflections on Trusting Container Image Scanners"

Language:Makefile64 6 1

Sneefer is a PoC project showing how to filter out irrelevent vulnerabilities from container image vulnerability scan results. It is based on application monitoring using eBPF and Falco base libraries and writes results in Kubernetes CRDs

Language:Go25 4 6

kubekit

kubernetes rootkit

Language:CGPL-3.02200

gatekeeper-external-data-provider

A template repository for building external data providers for Gatekeeper.

Language:ShellApache-2.09 4 3

kuball

Multicontext CLI for kubectl. All contexts at once or by keyword.

Language:Go5 10

russian-checkers

Russian checkers on C# with mini-max and alpha-beta pruning

Language:C#Apache-2.04 20

metrics-collector

Language:Go200

r0binak

Sergey K.'s starred repositories

kubernetes

traitor

OpenLens

CDK

kubetools

cloudfox

cvemap

microcks

AutoPWN-Suite

DDexec

KubeHound

hacktricks-cloud

security-labs-pocs

CVE-2022-0185

awesome-kubernetes-threat-detection

CVE-2022-2992

MTKPI

sbom-operator

KubeLight

container-security-site

Falco-bypasses

kubetcd

malicious-compliance

DDexec

sneeffer

kubekit

gatekeeper-external-data-provider

kuball

russian-checkers

metrics-collector