CDK is a collection of open source penetration testing tools for containers, designed to deliver exploits to vulnerable machines without any dependency on the operating system.
It comes with useful networking tools and many powerful PoCs / EXPs to help you easily access a K8s cluster.
The CDK has three modules:
- Evaluate: collect information inside the container to find potential vulnerabilities.
- Exploit: for container escaping and exploiting vulnerabilities.
- Tool: network and API tools for TCP / HTTP requests, tunnels and K8s cluster management.
cdk evaluate [--full]
cdk run (--list | [ …])
cdk [ …]

cdk evaluate           Gather information to find weakness inside container.
cdk evaluate --full    Enable file scan during information gathering.

cdk run --list         List all available exploits.
cdk run [ …]           Run single exploit, docs in https://github.com/cdk-team/CDK/wiki

cdk auto-escape        Escape container in different ways then let target execute .

vi                     Edit files in container like "vi" command.
ps                     Show process information like "ps -ef" command.
nc [options]           Create TCP tunnel.
ifconfig               Show network information.
kcurl (get | post)     Make request to K8s api-server.
ucurl (get | post)     Make request to docker unix socket.
probe                  TCP port scan, example: cdk probe 10.0.1.0-255 80,8080-9443 50 1000

-h --help              Show this help msg.
-v --version           Show version.
You can download the program from here.