DEF CON Forum Site Header Art
DEF CON Forum Site Header Art


No announcement yet.

Kubernetes Goat Demolab at DEF CON 29

  • Filter
  • Time
  • Show
Clear All
new posts

  • Kubernetes Goat Demolab at DEF CON 29

    Tool or Project Name: Kubernetes Goat

    Short Abstract:
    Kubernetes Goat is “vulnerable by design” Kubernetes Cluster environment to practice and learn about Kubernetes Security. It has step by step detailed guide and digital book on how to get started with Kubernetes Goat by exploring different vulnerabilities in Kubernetes Cluster and Containerized environments. Also, it has scenarios taken from the real-world vulnerabilities and maps the Kubernetes Goat scenarios. The complete documentation and instruction to practice Kubernetes Security for performing security assessments, pentesting, and in general Kubernetes Security. As a defender you will see how we can learn these attacks, misconfigurations to understand and improve your cloud native infrastructure security posture.

    Short Developer Bio:
    Madhu Akula is the creator of Kubernetes Goat, an intentionally vulnerable by design Kubernetes Cluster to learn and practice Kubernetes Security. Also published author and Cloud Native security architect with extensive experience. Also, he is an active member of the international security, DevOps, and Cloud Native communities (null, DevSecOps, AllDayDevOps, etc). Holds industry certifications like OSCP (Offensive Security Certified Professional), CKA (Certified Kubernetes Administrator), etc.

    Madhu frequently speaks and runs training sessions at security events and conferences around the world including DEF CON (24, 26, 27, 28), Black Hat USA (2018, 19, 21), USENIX LISA (2018, 19, 21), O’Reilly Velocity EU 2019, GitHub Satellite 2020, Appsec EU (2018 & 19), All Day DevOps (2016, 17, 18, 19 & 20), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n(2017, 18, 20), Nullcon (2018, 19, 21), SACON 2019, Serverless Summit, null and multiple others.

    His research has identified vulnerabilities in over 200+ companies and organizations including; Google, Microsoft, LinkedIn, eBay, AT&T, WordPress, NTOP and Adobe, etc, and credited with multiple CVE’s, Acknowledgements, and rewards. He is co-author of Security Automation with Ansible2 (ISBN-13: 978-1788394512), which is listed as a technical resource by Red Hat Ansible. Also, technical reviewer of Learn Kubernetes Security book published by Packt. Won 1st prize for building Infrastructure Security Monitoring solution at InMobi flagship hackathon among 100+ engineering teams

    URL to any additional information:Detailed Explanation of Tool:
    Kubernetes Goat is designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
    Some of the high-level scenarios include, but not limited to below:
    • Sensitive keys in code bases
    • DIND (docker-in-docker) exploitation
    • SSRF in K8S world
    • Container escape to access host system
    • Docker CIS Benchmarks analysis
    • Kubernetes CIS Benchmarks analysis
    • Attacking private registry
    • NodePort exposed services
    • Helm v2 tiller to PwN the cluster
    • Analysing crypto miner container
    • Kubernetes Namespaces bypass
    • Gaining environment information
    • DoS the memory/cpu resources
    • Hacker Container preview
    • Hidden in layers
    Supporting Files, Code, etc:

    Target Audience:
    Offense, Defense

    The adoption of Kubernetes use in production has increased to 83% from a survey by CNCF. Still, most of the security teams struggle to understand these modern technologies. So this project helps and brings a completely new area of research to share with the community to learn and practice from years of experience.
    PGP Key:

  • #2
    Super excited and looking forward :)