The CDK contains a collection of penetration testing tools open source for containers, designed to provide exploits on vulnerable machines, without any dependency on operating system.
Comes with useful networking tools and many powerful PoCs / EXPs to help you easily access a K8s cluster.
Specifications
The CDK has three modules:
- Evaluate: collect information inside the container to find potential vulnerabilities.
- Exploit: for container escaping and exploiting vulnerabilities
- Tool: network and API tools for TCP / HTTP requests, tunnels and K8s cluster management.
Use
cdk evaluate [–full]
cdk run (–list |
cdk auto-escape
CDK
Evaluate:
cdk evaluate Gather information to find weakness inside container.
cdk evaluate –full Enable file scan during information gathering.
Exploit:
cdk run –list List all available exploits.
cdk run
Auto Escape:
cdk auto-escape
Tools:
vi
ps Show process information like “ps -ef” command.
nc [options] Create TCP tunnel.
ifconfig Show network information.
kcurl
ucurl (get|post)
probe
Options:
-h –help Show this help msg.
-v –version Show version.
You can download the program from here.