Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
Atomic Reactor is a Python library with a command-line interface for building Docker images. It allows you to push images to a registry, build inside a separate Docker container, use Git as a source for your Dockerfile, collect build logs, integrate with the koji build system and Fedora packaging system, inject arbitrary yum repos, retag base images, change base images in Dockerfiles, and run tests after image builds.
Exploit that launches a process on the host from within a Docker container run with the --privileged flag by abusing the Linux cgroup v1 “notification on release” feature.
Show the history and changes between configuration versions of AWS resources
Analyzes CloudTrail data of a given AWS account and generates a summary of recently active IAM principals, API calls they made, as well as regions, IP addresses and user agents they used.
Exploring the transition towards real sandbox containers and the differences in privileges compared to traditional sandboxes like Chrome.
An open-source security tool for AWS, Azure, Google Cloud, and Kubernetes security assessments and audits.
Grype is a vulnerability scanner for container images and filesystems that scans for known vulnerabilities and supports various image formats.