mirror of
https://github.com/m0nad/awesome-privilege-escalation.git
synced 2024-12-22 13:55:02 -05:00
Reorganizing docker section and adding docker security checklist
This commit is contained in:
parent
8697afad45
commit
226c37d51a
10
README.md
10
README.md
@ -21,7 +21,6 @@ A curated list of awesome privilege escalation
|
|||||||
* [Presentations](#presentations-1)
|
* [Presentations](#presentations-1)
|
||||||
* [Linux and Windows](#linux-and-windows)
|
* [Linux and Windows](#linux-and-windows)
|
||||||
* [Docker](#docker)
|
* [Docker](#docker)
|
||||||
* [Docker escape](#docker-escape)
|
|
||||||
* [Tools](#tools-2)
|
* [Tools](#tools-2)
|
||||||
* [Cloud](#cloud)
|
* [Cloud](#cloud)
|
||||||
* [AWS](#aws)
|
* [AWS](#aws)
|
||||||
@ -210,15 +209,14 @@ is intended to be executed locally on a Linux box to enumerate basic system info
|
|||||||
|
|
||||||
## Docker
|
## Docker
|
||||||
- [Container security notes](https://gist.github.com/FrankSpierings/5c79523ba693aaa38bc963083f48456c)
|
- [Container security notes](https://gist.github.com/FrankSpierings/5c79523ba693aaa38bc963083f48456c)
|
||||||
- [Escaping Docker container using waitid() – CVE-2017-5123](https://www.twistlock.com/labs-blog/escaping-docker-container-using-waitid-cve-2017-5123/)
|
|
||||||
- [Escaping the Whale: Things you probably shouldn’t do with Docker (Part 1)](https://blog.secureideas.com/2018/05/escaping-the-whale-things-you-probably-shouldnt-do-with-docker-part-1.html)
|
|
||||||
- [Hacking Docker the Easy way](https://pt.slideshare.net/BorgHan/hacking-docker-the-easy-way)
|
|
||||||
|
|
||||||
### Docker escape
|
|
||||||
- [Dirty COW - (CVE-2016-5195) - Docker Container Escape](https://blog.paranoidsoftware.com/dirty-cow-cve-2016-5195-docker-container-escape/)
|
- [Dirty COW - (CVE-2016-5195) - Docker Container Escape](https://blog.paranoidsoftware.com/dirty-cow-cve-2016-5195-docker-container-escape/)
|
||||||
|
- [Docker security checklist](https://github.com/PercussiveElbow/docker-security-checklist)
|
||||||
- [Don't expose the Docker socket (not even to a container)](https://web.archive.org/web/20190623234615/https://www.lvh.io/posts/dont-expose-the-docker-socket-not-even-to-a-container.html)
|
- [Don't expose the Docker socket (not even to a container)](https://web.archive.org/web/20190623234615/https://www.lvh.io/posts/dont-expose-the-docker-socket-not-even-to-a-container.html)
|
||||||
- [Escaping Containers to Execute Commands on Play with Docker Servers](https://www.bleepingcomputer.com/news/security/escaping-containers-to-execute-commands-on-play-with-docker-servers/)
|
- [Escaping Containers to Execute Commands on Play with Docker Servers](https://www.bleepingcomputer.com/news/security/escaping-containers-to-execute-commands-on-play-with-docker-servers/)
|
||||||
|
- [Escaping Docker container using waitid() – CVE-2017-5123](https://www.twistlock.com/labs-blog/escaping-docker-container-using-waitid-cve-2017-5123/)
|
||||||
|
- [Escaping the Whale: Things you probably shouldn’t do with Docker (Part 1)](https://blog.secureideas.com/2018/05/escaping-the-whale-things-you-probably-shouldnt-do-with-docker-part-1.html)
|
||||||
- [Hack Allows Escape of Play-with-Docker Containers](https://threatpost.com/hack-allows-escape-of-play-with-docker-containers/140831/)
|
- [Hack Allows Escape of Play-with-Docker Containers](https://threatpost.com/hack-allows-escape-of-play-with-docker-containers/140831/)
|
||||||
|
- [Hacking Docker the Easy way](https://pt.slideshare.net/BorgHan/hacking-docker-the-easy-way)
|
||||||
|
|
||||||
### Tools
|
### Tools
|
||||||
- [Deepce](https://github.com/stealthcopter/deepce): Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
|
- [Deepce](https://github.com/stealthcopter/deepce): Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
|
||||||
|
Loading…
Reference in New Issue
Block a user