CDK: Penetration Toolkit for Containers

The CDK contains a collection of penetration testing open source tools for containers, designed to deliver exploits on vulnerable machines, without any OS dependency.

Comes with useful networking tools and many powerful PoCs / EXPs to help you easily access a K8s cluster.

Specifications

The CDK has three modules:

1. Evaluate: collect information inside the container to find potential vulnerabilities.
2. Exploit: for container escaping and exploiting vulnerabilities
3. Tool: network tools and APIs for TCP/HTTP requests, tunnels and management K8s cluster.

Use

cdk evaluate [–full] cdk run (–list | […])
cdk auto-escape
CDK [...]

Evaluate:

cdk evaluate Gather information to find weakness inside container.
cdk evaluate –full Enable file scan during information gathering.

Exploit:

cdk run –list List all available exploits.
cdk run […] Run single exploit, docs in https://github.com/cdk-team/CDK/wiki

Auto Escape:
cdk auto-escape Escape container in different ways then let target execute .

Tools:

vi Edit files in container like “vi” command.
ps Show process information like “ps -ef” command.
nc [options] Create TCP tunnel.

ifconfig Show network information.

kcurl (get|post) Make request to K8s api-server.
ucurl (get|post) Make request to docker unix socket.

probe TCP port scan, example: cdk probe 10.0.1.0-255 80,8080-9443 50 1000

Options:

-h –help Show this help msg.
-v –version Show version.

You can download it program from here.