gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-29 06:03:26 -08:00
Code Issues Packages Projects Releases Wiki Activity

MIGRATION TYPOS

Browse Source
This commit is contained in:
Carlos Polop
2025-01-05 21:15:12 +01:00
parent c1aee098b6
commit 3a7480d764
20 changed files with 166 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pentesting-cloud/kubernetes-security/kubernetes-kyverno/README.md
View File

@@ -2,7 +2,7 @@
**The original author of this page is** [**Guillaume**](https://www.linkedin.com/in/guillaume-chapela-ab4b9a196)
## Definition 
## Definition
Kyverno is an open-source, policy management framework for Kubernetes that enables organizations to define, enforce, and audit policies across their entire Kubernetes infrastructure. It provides a scalable, extensible, and highly customizable solution for managing the security, compliance, and governance of Kubernetes clusters.

8
src/pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.md
View File

@@ -25,15 +25,15 @@ For each ClusterPolicy and Policy, you can specify a list of excluded entities,
These excluded entities will be exempt from the policy requirements, and Kyverno will not enforce the policy for them.
## Example 
## Example
Let's dig into one clusterpolicy example : 
Let's dig into one clusterpolicy example :
```
$ kubectl get clusterpolicies MYPOLICY -o yaml
```
Look for the excluded entities : 
Look for the excluded entities :
```yaml
exclude:
@@ -53,7 +53,7 @@ Within a cluster, numerous added components, operators, and applications may nec
## Abusing ValidatingWebhookConfiguration
Another way to bypass policies is to focus on the ValidatingWebhookConfiguration resource : 
Another way to bypass policies is to focus on the ValidatingWebhookConfiguration resource :
{{#ref}}
../kubernetes-validatingwebhookconfiguration.md

2
src/pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.md
View File

@@ -51,7 +51,7 @@ With a comprehensive overview of the Gatekeeper configuration, it's possible to
## Abusing ValidatingWebhookConfiguration
Another way to bypass constraints is to focus on the ValidatingWebhookConfiguration resource : 
Another way to bypass constraints is to focus on the ValidatingWebhookConfiguration resource :
{{#ref}}
../kubernetes-validatingwebhookconfiguration.md

2
src/pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.md
View File

@@ -37,7 +37,7 @@ webhook:
- pods
```
The main difference between a ValidatingWebhookConfiguration and policies : 
The main difference between a ValidatingWebhookConfiguration and policies :
<figure><img src="../../images/Kyverno.png" alt=""><figcaption><p>Kyverno.png</p></figcaption></figure>