COURSE IS SELF-PACED, AVAILABLE ON DEMAND

DURATION: 18 hours

CPE POINTS: On completion, you get a certificate granting you 18 CPE points. 

The course starts on the 20th of June.

Kubernetes is the most popular open-source container orchestration platform, with over 50% of organizations using it, a share that will go up to 75% in the near future. Managing its security is therefore becoming more crucial. This course involves simulating an attack on a Kubernetes system in order to identify vulnerabilities and exploit them to evaluate the security posture of the system. This is done to understand how the system would respond to an attack and whether it could be compromised by an attacker. The goal of our Kubernetes ethical hacking is to identify any weaknesses in the system that could be exploited by bad guys, and to make recommendations to strengthen the security of the system.

Who is this course for? 

Ethical hackers

Penetration testers

Red Teamers

DevOps

DevSecOps

Web Developers

Security engineers

Why take it NOW?

This course includes methodology, tools, techniques and procedures (TTP) to execute an assessment that enables a tester to deliver consistent and complete results.

Why this course?

This course is practical and highly focused on hacking Kubernetes with a broad approach.


Course benefits:

What will you learn about? 

You will be ready for penetration testing Kubernetes (K8s) cluster security. You will have hands-on knowledge of using command-line tools and automated security tools to assess the security posture of the clusters.

What tools will you use? 

  • Kube-Hunter
  • KubiScan
  • Kube-bench
  • Trivy 
  • Kubesec
  • Kube audit
  • Nmap
  • cURL
  • Kube auto analyzer
  • Kube ATF
  • Kube Goat
  • Kubescape
  • Kubei

What skills will you gain?

  • In-depth insights of Kubernetes security
  • Readiness to test deployed clusters 
  • Conducting security testing
  • Securing the Kubernetes clusters

Course general information: 

Course format: 

  • Self-paced
  • Pre-recorded
  • Accessible even after you finish the course
  • No preset deadlines
  • Materials are video, labs, and text
  • All videos captioned

What will you need?

  • Computer with good internet connection 
  • At least 40 GB of HDD and 8 GB of RAM
  • VirtualBox or VMware

What should you know before you join?

Basics of containers and familiarity with command line tools.


YOUR INSTRUCTOR: ATUL TIWARI

 

Atul Tiwari has over 10 years of experience in security training. He has trained more than 45k students across 162 countries in online mode. Atul has specialized in web security testing and has conducted hundreds of pentests, audits, and tests of web applications since 2013. He holds CISSP certifications along with CEH, cyber laws, and CCNA.

He is the founder and CTO at gray hat | security (INDIA) www.grayhat.in

 


COURSE SYLLABUS


Module 0

Before the course

Introduction to Kubernetes.


Module 1

Basics of Kubernetes & Setting up Lab

This is the first module, which will cover the basics of Kubernetes and provide you with detailed, hands-on information before you begin identifying and attacking Kubernetes clusters. You will learn about Kubernetes clusters, their components, and architectures, and then proceed to set up our lab to simulate attacks later in this course.

Workload: 4h

Covered topics

  • Basics of Kubernetes
  • Installing Kubernetes 
  • Understanding Kubernetes components
  • Kubernetes architectures 
  • Kubernetes dashboard
  • Nodes

Exercises

2-3 exercises will be assigned after each module to test the knowledge you gained from the module. It will test the skills you got from the lessons.


Module 2

Identifying vulnerabilities in K8s clusters

Once you have in-depth knowledge of Kubernetes clusters, architectures, nodes, components, etc., you will attempt to find more detailed information: vulnerabilities, API requests, RBAC abuse, information exposure, pod data, namespace information, etc. All of this is covered in this module so that you can use that information to attack the clusters.

Workload: 4h

Covered topics

  • Port scanning (Finding exposed pods)
  • Misconfiguration vulnerability
  • REST API Requests
  • Kubernetes role-based access control (RBAC)
  • K8s Service account tokens
  • Kubelet information exposure 
  • Anonymous authentication and authorisation
  • Getting Inside PODs
  • Getting virtual clusters (Namespaces)
  • Abusing Cluster Roles in Kubernetes
  • Container Break-Outs
  • Log-viewing
  • HostPID
  • NetworkPID
  • Shared Memory
  • Worker nodes
  • Master node
  • Backdoors

Exercises

2-3 exercises will be assigned after each module to test the knowledge you gained from the module. It will test the skills you got from the lessons.


Module 3

Exploitation of Kubernetes vulnerabilities

After enumerating numerous services, nodes, default credentials, misconfigurations, insecure clusters, and vulnerabilities, you will learn how to attack the clusters. This will enable you to gain access to higher privileges and obtain critical information for further attacks in the post-exploitation phase.

Workload: 4h

Covered topics

  • Unauthenticated etcd access
  • Privileged/root containers
  • Unsecured Kubelet API and servers
  • Getting access to pods secrets 
  • Secret Tokens attacks
  • Escalating privileges 
  • Namespace escalation 
  • Hunting inside the POD
  • POD escaping 
  • Hunting with Kube-Hunter to get sensitive data
  • Attacking compromised containers
  • Kubernetes pivoting 
  • Node post exploitation (Stealing secrets)
  • Command injection
  • Limited Capabilities
  • Bypassing SELinux
  • Side-car attacks
  • Fuzzing

Exercises 

2-3 exercises will be assigned after each module to test the knowledge you gained from the module. It will test the skills you got from the lessons.


Module 4

Security Hardening Kubernetes clusters

In this module, you will learn in depth how to harden the security of Kubernetes clusters against malicious attacks.

Workload: 4h

Covered topics

  • Kubernetes security contexts
  • Kubernetes general hardening 
  • Kubernetes API Hardening
  • Various other methods to harden the security of Kubernetes clusters

Exercises 

2-3 exercises will be assigned after each module to test the knowledge you gained from the module. It will test the skills you got from the lessons.


Final exam

MCQ

Workload: 1h


QUESTIONS? 

If you have any questions, please contact our eLearning Manager at [email protected].


© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023