More links to articles and talks to come!
Tools
Container Breakout
brompwnie/botb (Break out the Box)
A container analysis and exploitation tool for pentesters and engineers by
Chris Le Roy. Written in Golang, it can exploit
common container vulnerabilities, perform common container post-exploitation
actions, and provide capabilities when certain tools or binaries are not
available in the container. It is easy to hook into CI/CD.
genuinetools/amicontained
A Golang container introspection tool by Jessie
Frazelle that determines which container runtime
is in use and which features are available.
nccgroup/ConMachi (Container Blackbox Security Auditing Tool)
ConMachi is a Golang tool by Vikas Kumar and
Rob Glew that can be dropped into a container to
collect information about its configuration and environment and to list potential
security issues. Potential issues ConMachi scans for include disabled process
and user namespacing, dangerous capabilities, disabled Seccomp/AppArmor
profiles, devices mounted from the host, and more.
antitree/keyctl-unmask
A tool by Mark Manning that demonstrates how
ineffective containers are at isolating Linux kernel keyrings. It works
by brute-forcing an int32 to guess keyring IDs and asking the Linux kernel
for information about each keyring; when one is found, it tries to "possess" it and
then read the keys of other containers, and even worse, of the host.