Can I use this for Docker image forensic analysis?

Yes, it provides commands to extract image layers, analyze container history, and search for embedded secrets using tools like 'dive' or standard CLI utilities.

Does it support Kubernetes security assessments?

Absolutely. It includes techniques for service account token enumeration, API access testing, and checking for overly permissive RBAC settings.

Can this skill identify specific Docker misconfigurations?

Yes, it specifically scans for common risks like the Docker socket being mounted, privileged flag usage, excessive capabilities (CAP_SYS_ADMIN), and insecure host network modes.

What kind of escape techniques are included?

It covers a wide range of escapes including cgroup abuse, privileged container mounting, Docker socket hijacking, and exploiting known runtime vulnerabilities like CVE-2019-5736.

Container Security & Escape Expert

Name: Container Security & Escape Expert
Author: trilwu

bytrilwu

Seguridad y Pruebas

Conducts deep security assessments and penetration tests for Docker and Kubernetes environments to identify and exploit vulnerabilities.

Acerca de

The Container Security & Escape skill empowers Claude to act as a specialized security researcher for containerized environments. It provides structured methodologies for environment detection, misconfiguration auditing, and advanced escape techniques such as Docker socket abuse and Kubernetes API exploitation. By integrating best practices from the security community, this skill enables users to proactively identify excessive capabilities, insecure mounts, and RBAC flaws, ensuring that containerized infrastructure is both resilient and properly hardened against breakout attempts.

Características Principales

Kubernetes API enumeration and RBAC privilege escalation
Automated detection of container types and kernel capabilities
Comprehensive Docker escape techniques for privileged containers
Deep analysis of Docker images for secrets and sensitive data
Identification of common misconfigurations in container runtimes
0 GitHub stars

Casos de Uso

Performing authorized penetration tests on Docker or Kubernetes clusters
Auditing container configurations for excessive privileges or insecure mounts
Analyzing container images for accidentally exposed credentials and keys

Acerca de

Características Principales

Kubernetes API enumeration and RBAC privilege escalation
Automated detection of container types and kernel capabilities
Comprehensive Docker escape techniques for privileged containers
Deep analysis of Docker images for secrets and sensitive data
Identification of common misconfigurations in container runtimes
0 GitHub stars

Casos de Uso

Performing authorized penetration tests on Docker or Kubernetes clusters
Auditing container configurations for excessive privileges or insecure mounts
Analyzing container images for accidentally exposed credentials and keys