Peirates
Peirates is a Kubernetes penetration testing tool that enables attackers to escalate privileges and pivot through a cluster. It automates techniques to steal service accounts, achieve code execution, and gain cluster control.
Description
Peirates is designed for Kubernetes penetration testing, providing attackers with capabilities to escalate privileges and move laterally through a Kubernetes cluster. The tool automates known attack techniques, making it efficient for security professionals conducting red team exercises or penetration tests against Kubernetes environments.
Primary use cases include testing the security posture of Kubernetes clusters by simulating real-world attack scenarios. It helps identify weaknesses in service account management, API server access controls, and privilege escalation paths. Security teams can use Peirates to validate cluster configurations and ensure proper RBAC (Role-Based Access Control) implementations.
The tool targets common Kubernetes vulnerabilities and misconfigurations, such as overly permissive service accounts and exposed API servers. By automating these attack vectors, Peirates saves time during assessments and provides comprehensive coverage of cluster compromise techniques.
How It Works
Peirates interacts with the Kubernetes API server using provided tokens (JWT) and API server URLs. It automates exploitation techniques including service account token theft, privilege escalation via known Kubernetes vulnerabilities, and lateral movement through cluster nodes. The tool supports ignoring TLS certificate validation for API requests and offers modular execution with verbose logging for debugging cluster interactions and attack progress.
Installation
sudo apt install peiratesFlags
Examples
peirates -hpeirates -u https://10.96.0.1:6443peirates -t <jwt-token>peirates -u https://10.96.0.1:6443 -t <jwt-token>peirates -k -u https://10.96.0.1:6443peirates -v -u https://10.96.0.1:6443peirates -m <module-name>