reddit hackernews mail facebook facebook linkedin


Make security testing of K8s, Docker, and Containerd easier.

CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency. It comes with useful net-tools and many powerful PoCs/EXPs and helps you to escape container and take over K8s cluster easily.

CDK has three modules:
1/ Evaluate: gather information inside container to find potential weakness.
2/ Exploit: for container escaping, persistance and lateral movement
3/ Tool: network-tools and APIs for TCP/HTTP requests, tunnels and K8s cluster management.