Skip to content

ashifly/kubeshadow-attack-labs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
manifests
manifests
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
lab.go
lab.go
 
 
main.tf
main.tf
 
 
outputs.tf
outputs.tf
 
 
variables.tf
variables.tf
 
 

Repository files navigation

KubeShadow Attack Labs

A dedicated Infrastructure-as-Code repo for deploying intentionally vulnerable Kubernetes environments used to test the KubeShadow red-team framework.

Architecture

kubeshadow-attack-labs/
├── main.tf          # Dynamic Terraform — auto-loads all manifests
├── variables.tf     # Input variables
├── outputs.tf       # Deployed resource names
├── lab.go           # Cluster provisioning (AWS/GCP/Azure/minikube/kind)
├── manifests/       # 24 attack-lab YAML files (single source of truth)
└── README.md

To add a new lab scenario: drop a YAML file in manifests/ and run terraform apply. No other changes needed.

Usage

Via KubeShadow (recommended)

kubeshadow lab apply --provider minikube
kubeshadow lab apply --provider aws --cluster-size minimal --use-spot
kubeshadow lab apply --manifest 05-secrets.yaml   # deploy one scenario

kubeshadow lab destroy --provider minikube

Standalone (Terraform directly)

# Apply all 24 lab environments
terraform init
terraform apply -auto-approve

# Apply a single manifest
terraform apply -auto-approve -var="target_manifest=05-secrets.yaml"

# Tear down
terraform destroy -auto-approve

Lab Environments (24 scenarios)

# File Scenario
01 01-namespace.yaml Namespace setup
02 02-rbac.yaml RBAC misconfigurations
03 03-pods.yaml Vulnerable pods
04 04-services.yaml Exposed services
05 05-secrets.yaml Secrets exposure
06 06-configmaps.yaml ConfigMap abuse
07 07-network-policies.yaml Network policy gaps
08 08-persistent-volumes.yaml PV/PVC attacks
09 09-ephemeral-containers.yaml Ephemeral container abuse
10 10-secure-ephemeral.yaml Secure ephemeral baseline
11 11-ephemeral-attack-scenarios.yaml Ephemeral attack chains
12 12-advanced-vulnerabilities.yaml Advanced vuln scenarios
13 13-chroot-escape.yaml Chroot container escape
14 14-secure-chroot.yaml Secure chroot baseline
15 15-highly-vulnerable.yaml Highly vulnerable workloads
16 16-owasp-comprehensive.yaml OWASP Top 10 K8s
17 17-ssrf-vulnerability.yaml SSRF attack surface
18 18-container-escape.yaml Container escape
19 19-supply-chain-attack.yaml Supply chain attack
20 20-crypto-miner.yaml Crypto miner detection
21 21-dns-poisoning.yaml DNS poisoning lab
22 22-cve-2025-1974-ingress-nginx-rce.yaml CVE-2025-1974 ingress-nginx RCE
23 23-cve-2025-5187-node-ownerreference.yaml CVE-2025-5187 node ownerref
24 24-tls-bootstrap-azure.yaml Azure TLS bootstrap attack

Requirements

  • terraform >= 1.5.0
  • kubectl configured and pointing at your cluster
  • For cloud clusters: eksctl (AWS), gcloud (GCP), or az (Azure)

Variables

Variable Default Description
kubeconfig_path ~/.kube/config Path to kubeconfig
kube_context "" Kubeconfig context
target_manifest "" Deploy only this YAML (empty = all)
provider_name minikube Cloud/local provider
cluster_name kubeshadow-lab Cluster name
cluster_size minimal minimal / small / medium
use_spot false Use spot instances

About

Vulnerable Kubernetes attack labs for the KubeShadow framework

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages