The CDK contains a collection of penetration testing open source tools for containers, designed to deliver exploits on vulnerable machines, without any OS dependency.
Comes with useful networking tools and many powerful PoCs / EXPs to help you easily access in a K8s cluster.
Specifications
The CDK has three modules:
- Evaluate: collect information inside the container to find possible vulnerabilities.
- Exploit: for container escaping and exploiting vulnerabilities
- Tool: network and API tools for TCP / HTTP requests, tunnels and K8s cluster management.
Use
cdk evaluate [–full] cdk run (–list |
cdk auto-escape
CDK
Evaluate:
cdk evaluate Gather information to find weakness inside container.
cdk evaluate –full Enable file scan during information gathering.
Exploit:
cdk run –list List all available exploits.
cdk run
Auto Escape:
cdk auto-escape
Tools:
vi
ps Show process information like “ps -ef” command.
nc [options] Create TCP tunnel.
ifconfig Show network information.
kcurl
ucurl (get|post)
probe
Options:
-h –help Show this help msg.
-v -version Show version.
You can download the program from here.