[addtool] Kubesploit

[gwen001]

[tags]kubernetes,postexploitation,c2c,containers[/tags] [short_descr]Cross-platform command & control server and agent focused on containerized environments.[/short_descr] [link] https://github.com/cyberark/kubesploit [/link] [long_descr] Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin.

The currently available modules are:

• Container breakout using mounting
• Container breakout using docker.sock
• Container breakout using CVE-2019-5736 exploit
• Scan for Kubernetes cluster known CVEs
• Port scanning with focus on Kubernetes services
• Kubernetes service scan from within the container
• Light kubeletctl containing the following options: Scan for containers with RCE, Scan for Pods and containers, Scan for tokens from all available containers, Run command with multiple options
• cGroup breakout
• Kernel module breakout
• Var log escape
• Deepce: Docker enumeration (Open-Source project integrated as a module)
• Vulnerability test: check which of kubesploit exploits your container is vulnerable to [/long_descr] [image] https://raw.githubusercontent.com/gwen001/offsectools_www/main/tmp/037a2268b7bfe128b6594698cf5ef1c7.png [/image]

[gwen001]

Issue correctly handled, tool is waiting for human validation.

[gwen001]

Tool has been accepted by the team: https://offsec.tools/tool/kubesploit

Thank you for your contribution!