The CDK contains a collection of penetration testing open source tools for containers, designed to deliver exploits on vulnerable machines, without any OS dependency.
Comes with useful networking tools and many powerful PoCs / EXPs to help you easily access a K8s cluster.
Specifications
The CDK has three modules:
- Evaluate: collect information inside the container to find potential vulnerabilities.
- Exploit: for container escaping and exploiting vulnerabilities
- Tool: network tools and APIs for TCP/HTTP requests, tunnels and management K8s cluster.
Use
cdk evaluate [–full] cdk run (–list |
cdk auto-escape
CDK
Evaluate:
cdk evaluate Gather information to find weakness inside container.
cdk evaluate –full Enable file scan during information gathering.
Exploit:
cdk run –list List all available exploits.
cdk run
Auto Escape:
cdk auto-escape
Tools:
vi
ps Show process information like “ps -ef” command.
nc [options] Create TCP tunnel.
ifconfig Show network information.
kcurl
ucurl (get|post)
probe
Options:
-h –help Show this help msg.
-v –version Show version.
You can download it program from here.