CDK: Penetration Toolkit for Containers

The CDK contains a collection of penetration testing tools open source for containers, designed to provide exploits on vulnerable machines, without any dependency on operating system.

Comes with useful networking tools and many powerful PoCs / EXPs to help you easily access a K8s cluster.

Specifications

The CDK has three modules:

1. Evaluate: collect information inside the container to find potential vulnerabilities.
2. Exploit: for container escaping and exploiting vulnerabilities
3. Tool: network and API tools for TCP / HTTP requests, tunnels and K8s cluster management.

Use

cdk evaluate [–full] cdk run (–list | […])
cdk auto-escape
CDK [...]

Evaluate:

cdk evaluate Gather information to find weakness inside container.
cdk evaluate –full Enable file scan during information gathering.

Exploit:

cdk run –list List all available exploits.
cdk run […] Run single exploit, docs in https://github.com/cdk-team/CDK/wiki

Auto Escape:
cdk auto-escape Escape container in different ways then let target execute .

Tools:

vi Edit files in container like “vi” command.
ps Show process information like “ps -ef” command.
nc [options] Create TCP tunnel.

ifconfig Show network information.

kcurl (get|post) Make request to K8s api-server.
ucurl (get|post) Make request to docker unix socket.

probe TCP port scan, example: cdk probe 10.0.1.0-255 80,8080-9443 50 1000

Options:

-h –help Show this help msg.
-v –version Show version.

You can download the program from here.