nginx

ingress

tools

penetration-testing

Exploit Code for Ingress Nginx CVE-2023-5044

18 January 2024

I was delivering a Kubernetes Security Review this week and the cluster was running version 1.7 of the ingress-nginx controller. This is affected by a few CVEs but notably CVE-2023-5044. This is a quick post about a PoC tool I’ve released to exploit it. Background CVE-2023-5044 allows for …
Read

kubeletmein

tools

Kubeletmein EKS (and other) Updates

5 March 2021

sri

tools

SRI Check Tool

6 February 2021

penetration-testing

kubernetes

Hacking DigitalOcean’s New Kubernetes Service

13 December 2018

penetration-testing

kubernetes

Kubeletmein - A tool for abusing kubelet credentials

6 December 2018

penetration-testing

kubernetes

Hacking Kubelet on Google Kubernetes Engine

29 November 2018