This article is based on the blog post "A Record of Cloud-Native Vulnerability Discovery and Exploitation in Red-Blue Adversarial Scenarios", originally published by neargle and pk on Tencent TSRC, and is continuously updated and improved. Because Kubernetes security features, container security, and other attack and defense techniques keep developing and changing, the content of the article will be adjusted over time. Subsequent updates will include the setup of experimental environments from scratch, Kubernetes security feature resistance, complete red-blue adversarial case studies, eBPF security, and related content.
The visualization notes are built with Heptabase. Visualization notes help in understanding and presenting complex information. As an initial attempt, the experience was quite good, but I did not renew it later due to pricing considerations and switched to Obsidian.
Preview:
Online link: https://app.heptabase.com/w/60306bad93e7e1bc7482688665bc31f19d662eb6f057e33096a3a15f6dfeb582