Labs

Basic Service Account Token Compromises

Cluster Certificate Authority Compromise Attack

Service Account Token Compromise with TokenRequest API Using Long Lived Tokens

Liveness Probe Attack

DNS Spoofing

Course Content

Playgrounds are sandbox-style lab environments where you need to attack and defend a target application from each vulnerability. As you do so, your hands-on knowledge of how to build these apps securely will get stronger.

Kubernetes clusters are designed to be highly available and resilient. They are made up of several components, including the API server, etcd, kubelet, and kube-proxy, which work together to manage and maintain the cluster. 

This course is designed for security professionals and developers who want to learn how to identify and exploit vulnerabilities in Kubernetes clusters. Through a series of practical exercises, you'll learn how to attack Kubernetes clusters using different techniques and while also accruing best practices for shoring up your deployments.

Learn to identify and exploit vulnerabilities in Kubernetes Service Account tokens by locating and extracting tokens thus gaining unauthorized access to Kubernetes resources. Also, learn how to exploit vulnerabilities in Kubernetes Cluster Certificate Authorities by locating and extracting certificates thus gaining unauthorized access to Kubernetes resources and how to exploit vulnerabilities in Kubernetes TokenRequest APIs using long-lived tokens to gain persistent access to Kubernetes resources.

Learn how to exploit vulnerabilities in Kubernetes Liveness Probes to gain access to Kubernetes resources and how to exploit vulnerabilities in Kubernetes DNS by spoofing DNS responses to gain unauthorized access to Kubernetes resources.

By the end of this course, you'll have a better understanding of how to identify and exploit vulnerabilities in Kubernetes clusters, and how to protect against these types of attacks.

Beginner

3
Hours
1
Lessons
5
Cloud Labs
learning path:
Kubernetes Security

Attacking Kubernetes Clusters Playground

Ideal for
Security Engineer
Cloud Engineer
DevOps
Pentester
Get Started

You might also like these courses

Or explore these Learning Paths

Ready to Elevate Your Security Training?

Empower your teams with the skills they need to secure your applications and stay ahead of the curve.
Get Our Newsletter
Get Started
X
X
Copyright AppSecEngineer © 2025