Time to speak about Cracking Containers without SMS and Registration
Nowadays released Cloud Container Attack Tool (CCAT ☁🐈) - offencive tool for testing security of container environments.
Now it can automatically found images with 'latest' tag in your AWS ECR, generate and push backdored image in two clicks, so you can see what can happens if some keys was leaked.
In future, RhinoSecurityLabs promise add support ECS/EKS attack options, Container Escape Features and same 'features' for Azure, GCP, Alibaba, IBM and OpenShift.
Another usefull stuff on this topic:
- Docker Bench for Security
- Kube-hunter
#security #containers
Nowadays released Cloud Container Attack Tool (CCAT ☁🐈) - offencive tool for testing security of container environments.
Now it can automatically found images with 'latest' tag in your AWS ECR, generate and push backdored image in two clicks, so you can see what can happens if some keys was leaked.
In future, RhinoSecurityLabs promise add support ECS/EKS attack options, Container Escape Features and same 'features' for Azure, GCP, Alibaba, IBM and OpenShift.
Another usefull stuff on this topic:
- Docker Bench for Security
- Kube-hunter
#security #containers
