Book of BugBounty Tips
  • Introduction
  • OSINT / Recon
  • API
  • Cross Site Request Forgery (CSRF)
  • Server Side Request Forgery (SSRF)
  • Sensitive Information Disclosure
  • Cross Site Scripting (XSS)
  • CRLF
  • Remote Code Execution (RCE)
  • Email Bypass
  • File Upload
  • Open Redirect
  • Insecure Direct Object Reference (IDOR)
  • Injection
  • XXE
  • Local / Remote File Inclusion
  • Authentication / Authorization
  • Account Takeover
  • Application Login
  • Clickjacking
  • Parameter Pollution
  • Fuzzing
  • Application Logic Bypasses
  • Bypasses
  • Mobile
  • Password Reset
  • Web Cache
  • Server Side Template Injection
  • Tips from @EdOverflow
  • Tips From @intigriti
  • Hackpack From @yeswehack
  • Tips from @YogoshaOfficial
  • Tips from @Jhaddix
  • Tips from Ben (@nahamsec)
  • Tips from Other Sources
  • Tips from Blog posts / other hunters
  • Others
  • Bugbounty Related Websites / Blogs
  • Docker and k8s
  • Tweets Collection by @Pentesterland
  • Windows
  • Linux
  • Burp suite
  • Scope Based Recon Tips
Powered by GitBook
On this page

Docker and k8s

This section will contain the list of twitter feeds related to Docker and k8s security

PreviousBugbounty Related Websites / BlogsNextTweets Collection by @Pentesterland

Last updated 4 years ago

  • Dumping credentials, tokens, and keys from Kubernetes. STEP 1: Perform a GET on the following Kubernetes path: http://<Kube_IPAddr>:2379/v2/keys/?recursive=true STEP 2: Look through returned results for possible credentials or kublet tokens. Credit

#BugBountyTip: Found an SSRF #vulnerability in a Jira instance, now what? Right! #RCE like a boss 8) - [Only for Docker deployments] http://[::1]:2375/containers/json - might get you the docker credentials in the form of env variables!
Looking for kubelet information exposure?Use shodan and type this keyword :product:"Kubernetes" port:"10250"And try
https://x.x.x.x:10255/pods
#Bugbountytip Got a SSRF? no metadata endpoints to hit? Try https://kubernetes.default.svc/metrics if you get a load crap come back jackpot you've hit the kubernetes API and this should indicate it's shit the bed time for any security team. (url can change)
@carnal0wnage
#hashcrack