DataDog / stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
https://stratus-red-team.cloud
Apache License 2.0
1.83k stars 215 forks source link

New attack techniques: Kubernetes #550

Open micahhausler opened 3 months ago

micahhausler commented 3 months ago

There are other publicly known attack methods in Kubernetes, would be great to see documented and automated.

Cred Access:

Persistence:

Defense Evasion:

christophetd commented 3 months ago

Thanks a lot for the great suggestions! Do you have any thoughts on exploitation/usage in the wild (whether by attackers or pentesters) that would be helpful for prioritization?

micahhausler commented 3 months ago

I don't have any data on usage, but in terms of accessibility to an attacker, changing an aud on a TokenRequest by a kubelet is the greatest current risk as the kubelet can legitimately specify whatever aud it wants.