OpenSecAtlas
OPENSECATLAS
11/12 free views
Educational Resource
Framework
Container Security

kubernetes-goat

by madhuakula

5.4Kstars
957forks
56watchers
Updated 3 months ago
About

Kubernetes Goat is an intentionally vulnerable Kubernetes cluster environment designed for hands-on learning and practicing Kubernetes security.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Primary Use Case

This tool is used by security professionals, developers, and learners to explore and understand Kubernetes security risks through practical exploitation scenarios in a controlled environment. It enables users to simulate attacks, identify vulnerabilities, and improve their skills in container and cluster security.

Key Features
  • Intentionally vulnerable Kubernetes cluster environment
  • Hands-on interactive playground for Kubernetes security training
  • Multiple real-world attack scenarios like SSRF, container escape, and private registry attacks
  • Supports setup on various Kubernetes platforms including GKE, EKS, AKS, K3S, KIND
  • Includes Docker and Kubernetes CIS benchmark analysis
  • Helm-based deployment and management
  • Accessible via local port-forwarding for easy interaction
  • Open source with active community and documentation

Installation

  • Ensure admin access to your Kubernetes cluster and install kubectl
  • Install the helm package manager
  • Clone the repository: git clone https://github.com/madhuakula/kubernetes-goat.git
  • Change directory: cd kubernetes-goat
  • Make setup script executable: chmod +x setup-kubernetes-goat.sh
  • Run setup script: bash setup-kubernetes-goat.sh
  • Verify pods are running with: kubectl get pods
  • Expose resources locally using: bash access-kubernetes-goat.sh
  • Access the Kubernetes Goat UI at http://127.0.0.1:1234

Usage

>_ git clone https://github.com/madhuakula/kubernetes-goat.git

Clone the Kubernetes Goat repository to your local machine.

>_ chmod +x setup-kubernetes-goat.sh

Make the setup script executable.

>_ bash setup-kubernetes-goat.sh

Run the setup script to deploy Kubernetes Goat resources to your cluster.

>_ kubectl get pods

Check that all Kubernetes Goat pods are running successfully.

>_ bash access-kubernetes-goat.sh

Expose Kubernetes Goat services to the local system via port-forwarding.

>_ Navigate to http://127.0.0.1:1234

Access the Kubernetes Goat interactive web interface.

Security Frameworks
Initial Access
Execution
Privilege Escalation
Defense Evasion
Discovery
Usage Insights
  • Integrate Kubernetes Goat into purple team exercises to simulate realistic Kubernetes attack and defense scenarios.
  • Use the tool to train developers and DevOps teams on secure Kubernetes deployment and configuration best practices.
  • Combine with CI/CD pipeline security tools to continuously test Kubernetes cluster resilience against common attack vectors.
  • Leverage the included CIS benchmark analyses to benchmark cluster security posture and guide remediation efforts.
  • Extend the playground by chaining Kubernetes Goat scenarios with automated exploitation frameworks like Metasploit for advanced red team training.

Docs Take 2 Hours. AI Takes 10 Seconds.

Ask anything about kubernetes-goat. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.

3 free chats per tool • Instant responses • No credit card

Security Profile
Red Team85%
Blue Team40%
Purple Team75%
Details
LicenseMIT License
LanguageHTML
Open Issues65
Topics
kubernetes
vulnerable-app
security
hacking
pentesting
infrastructure
cloud-security
docker
container
kubernetes-goat

Related Tools

portainer icon

portainer

portainer/portainer

Tool

Making Docker and Kubernetes management easy.

33.2K
11 months ago
slim icon

slim

slimtoolkit/slim

Tool

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

22.7K
4 months ago
kubescape icon

kubescape

kubescape/kubescape

Tool

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

11.1K
4 months ago
kube-bench icon

kube-bench

aquasecurity/kube-bench

Tool

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

7.9K
3 months ago
kubernetes-learning-path icon

kubernetes-learning-path

techiescamp/kubernetes-learning-path

Educational Resource

A roadmap to learn Kubernetes from scratch (Beginner to Advanced level)

7.4K
3 months ago
kata-containers icon

kata-containers

kata-containers/kata-containers

Framework

Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/

7.3K
4 months ago