https://r4x7.pages.dev/en/categories/containers/ Recent content in Containers on r4x7's Blog Hugo -- 0.154.5 en Wed, 01 Apr 2026 18:00:00 +0200 https://r4x7.pages.dev/en/posts/tools/k8s-audit-tool/ Wed, 01 Apr 2026 18:00:00 +0200 https://r4x7.pages.dev/en/posts/tools/k8s-audit-tool/ <h3 id="introduction">Introduction</h3> <p><code>k8s_audit.py</code> is a security auditing tool for Kubernetes clusters focused on misconfiguration enumeration and penetration testing in containerised environments. All operations are strictly read-only: the tool never modifies cluster state, making it safe to run against production environments without risk of disruption or unintended side effects.</p> <p>The tool is organised into twelve independent audit modules, each targeting a specific attack surface within a Kubernetes cluster. Modules can be run individually or in any combination, allowing the scope of the audit to be tailored to the specific needs of each environment. The available modules are:</p> https://r4x7.pages.dev/en/posts/linux/kubernetes-pentesting/ Sun, 01 Mar 2026 18:00:00 +0100 https://r4x7.pages.dev/en/posts/linux/kubernetes-pentesting/ <h2 id="introduction">Introduction</h2> <p>When auditing a Kubernetes cluster for the first time, whether as part of an internal pentesting exercise, a configuration review, or simply to understand what is running in production, most of the real problems do not show up in fancy automated scanners but in patient reading of the cluster state. Excessive permissions, privileged containers nobody remembers deploying, secrets in environment variables, TLS certificates about to expire, and <code>hostPath</code> volumes mounting sensitive node paths are recurring findings that anyone can detect with <code>kubectl</code> and a bit of method.</p>