The CDK contains a collection of open source penetration testing tools code for containers, designed to deliver exploits on vulnerable machines, without any dependency on the operating system.
Comes with useful networking tools and many powerful PoCs / EXPs to help you easily access a K8s cluster.
Specifications
The CDK has three modules:
- Evaluate: collect information inside the container to find potential vulnerabilities.
- Exploit: for container escaping and exploiting vulnerabilities
- Tool: network and API tools for TCP / HTTP requests, tunnels and K8s cluster management.
Use
cdk evaluate [–full] cdk run (–list |
cdk auto-Escape
CDK
Evaluate:
cdk evaluate Gather information to find weakness inside container.
cdk evaluate –full Enable file scan during information gathering.
Exploit:
cdk run –list List all available exploits.
cdk run
Auto Escape:
cdk auto-escape
Tools:
vi
ps Show process information like “ps -ef” command.
nc [options] Create TCP tunnel.
ifconfig Show network information.
kcurl
ucurl (get|post)
probe
Options:
-h –help Show this help msg.
-v –version Show version.
You can download the program from here.