Autoplay
Autocomplete
Previous Lesson
Complete and Continue
Hacking and Securing Kubernetes Clusters
Course Introduction
Course Introduction (1:22)
Help & Support
Kubernetes Fundamentals
What is Kubernetes (2:00)
Fundamentals of Kubernetes (0:25)
Required Virtual Machines Download (3:13)
Instructor's Lab Setup (1:48)
Downloadable files for lab setup
Setting up a Kubernetes Cluster (11:43)
Lab set up on Ubuntu 24.04 - Updated August 2024
Verify The Setup (0:45)
Common Kubernetes Terms (5:44)
Understanding various Kubernetes components (5:38)
Deploying the vulnerable application (13:54)
An introduction to Kubectl (8:22)
Hacking Kubernetes Cluster
Introduction (0:52)
Kubernetes Attack Surface (4:05)
Role Based Access Controls - Part 1 (4:19)
Role Based Access Controls - Part 2 (11:16)
Role Based Access Controls - Part 3 (8:29)
Misconfiguring our cluster (3:38)
Getting started with pentesting a Kubernetes cluster- NMAP (2:14)
Initial foot hold through Remote Command Execution (7:10)
Post Exploitation - Enumeration (3:15)
Post Exploitation - More Enumeration (6:49)
Post Exploitation - Interacting with containers in the cluster (5:51)
Getting access to the underlying host - Compromising the worker node (5:58)
Getting access to the underlying host - Compromising the master node (4:01)
Full cluster compromise - Summary of the attack (1:00)
Misconfiguring and Attacking the API Server (10:31)
Misconfiguring and Attacking the Kubelet API (9:31)
Exploring and abusing etcd storage (12:04)
Misconfiguring and Attacking exposed Kubernetes Dashboards (13:15)
Automated Assesments
Introduction to automated tools (0:46)
Kube bench (8:16)
Kube hunter (3:52)
Trivy (4:17)
Kube audit (4:03)
Kubesec (3:39)
Defenses
Introduction (1:25)
Limiting Network Exposure (1:45)
Use of Authorization (4:20)
Introduction to Secrets (2:01)
Introduction to Admission Controllers (2:54)
Implementing Network Policies to limit the attack surface (10:58)
Using Security Context to harden the containers (14:18)
Hardening using Apparmor profiles (6:30)
Hardening using Seccomp profiles (4:06)
Teach online with
Getting access to the underlying host - Compromising the worker node
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock