performing-kubernetes-penetration-testing

# Performing Kubernetes Penetration Testing ## Overview Kubernetes penetration testing systematically evaluates cluster security by simulating attacker techniques against the API server, kubelet, etcd, pods, RBAC, network policies, and secrets. Using tools like kube-hunter, Kubescape, peirates, and manual kubectl exploitation, testers identify misconfigurations that could lead to cluster compromise. ## When to Use - When conducting security assessments that involve performing kubernetes penetration testing - When following incident response procedures for related security events - When performing scheduled security testing or auditing activities - When validating security controls through hands-on testing ## Prerequisites - Authorized penetration testing engagement - Kubernetes cluster access (various levels for different test scenarios) - kube-hunter, kubescape, kube-bench installed - kubectl configured - Network access to cluster components ## Core Concepts ### Kubernetes Attack Surface | Component | Port | Attack Vectors | |-----------|------|---------------| | API Server | 6443 | Auth bypass, RBAC abuse, anonymous access | | Kubelet | 10250/10255 | Unauthenticated access, command execution | | etcd | 2379/2380 | Unauthenticated read, secret extraction | | Dashboard | 8443 | Default credentials, token theft | | NodePort Services | 30000-32767 | Service exposure, application exploits | | CoreDNS | 53 | DNS spoofing, zone transfer | ### MITRE ATT&CK for Kubernetes...