Time to speak about Cracking Containers without SMS and Registration.

Recently released: Cloud Container Attack Tool (CCAT ☁🐈), an offensive tool for testing the security of container environments.
Right now it can automatically find images with the 'latest' tag in your AWS ECR, then generate and push a backdoored image in two clicks, so you can see what can happen if some keys are leaked.
In the future, RhinoSecurityLabs promises to add support for ECS/EKS attack options, container escape features, and the same 'features' for Azure, GCP, Alibaba, IBM and OpenShift.
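A defender-side audit for the same condition, as an added example that is not part of the original post or of CCAT: it flags ECR repositories where a 'latest' tag exists and tag mutability still lets anyone with push rights repoint it. The sample JSON is constructed in the shape of `aws ecr describe-repositories` and per-repository `aws ecr describe-images` output (entries merged); repository names and digests are made up.

```python
import json

# Constructed sample data (not from a real account).
REPOS_JSON = """{"repositories": [
  {"repositoryName": "payments-api", "imageTagMutability": "MUTABLE"},
  {"repositoryName": "frontend", "imageTagMutability": "IMMUTABLE"},
  {"repositoryName": "batch-jobs", "imageTagMutability": "MUTABLE"}]}"""
IMAGES_JSON = """{"imageDetails": [
  {"repositoryName": "payments-api", "imageDigest": "sha256:aaaa",
   "imageTags": ["latest", "1.4.2"]},
  {"repositoryName": "frontend", "imageDigest": "sha256:bbbb",
   "imageTags": ["latest"]},
  {"repositoryName": "batch-jobs", "imageDigest": "sha256:cccc",
   "imageTags": ["2024-01-10"]},
  {"repositoryName": "batch-jobs", "imageDigest": "sha256:dddd"}]}"""

FIX = ("aws ecr put-image-tag-mutability --repository-name {repo} "
       "--image-tag-mutability IMMUTABLE")


def audit_latest_tags(repos_doc, images_doc):
    """Return one finding per image that carries the 'latest' tag."""
    # Assumption: a repository with no mutability field is treated as MUTABLE.
    mutability = {r["repositoryName"]: r.get("imageTagMutability", "MUTABLE")
                  for r in repos_doc["repositories"]}
    findings = []
    for img in images_doc["imageDetails"]:
        # Untagged images have no imageTags key at all.
        if "latest" not in img.get("imageTags", []):
            continue
        repo = img["repositoryName"]
        mutable = mutability.get(repo, "MUTABLE") == "MUTABLE"
        findings.append({
            "repository": repo,
            "digest": img["imageDigest"],
            # Mutable: 'latest' can be overwritten by whoever holds push keys.
            "risk": "high" if mutable else "low",
            "fix": FIX.format(repo=repo) if mutable
                   else "deploy by digest instead of by 'latest'",
        })
    return findings


def run_sample():
    return audit_latest_tags(json.loads(REPOS_JSON), json.loads(IMAGES_JSON))


if __name__ == "__main__":
    for f in run_sample():
        print(f["risk"], f["repository"], f["digest"], "->", f["fix"])
```

Recording the digest currently behind 'latest' also gives a baseline: a later run that shows a different digest for the same tag is worth correlating with who pushed it.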
Other useful stuff on this topic:
- Docker Bench for Security
- Kube-hunter

#security #containers