CDK is an open-source collection of penetration testing tools for containers, designed to deliver exploits on vulnerable machines without any OS dependency.
It comes with useful networking tools and many powerful PoCs / EXPs to help you easily access a K8s cluster.
Specifications
The CDK has three modules:
- Evaluate: collect information inside the container to find possible vulnerabilities.
- Exploit: escape containers and exploit vulnerabilities.
- Tool: network and API tools for TCP / HTTP requests, tunnels and K8s cluster management.
Use
Evaluate:
cdk evaluate          Gather information to find weakness inside container.
cdk evaluate --full   Enable file scan during information gathering.
Exploit:
cdk run --list        List all available exploits.
cdk run [ …]          Run single exploit, docs in https://github.com/cdk-team/CDK/wiki
Auto Escape:
Tools:
ps             Show process information like “ps -ef” command.
nc [options]   Create TCP tunnel.
ifconfig       Show network information.
Options:
-h --help      Show this help msg.
-v --version   Show version.
You can download the program from here.