CloudGoat SNS Secrets

Warning Spoilers Ahead!

This is a write up the CloudGoat scenario sns_secrets and was created by the one and only Tyler Ramsbey.

Another walkthrough of the scenario can be found on TryHackMe which uses the Pacu SNS modules, mines uses the AWS CLI.

At time of writing this the scenario is still a GitHub Pull Request but its ready!

TryHackMe 'Frank and Herby try again.....'

This walk through of TryHackMe room “Frank and Herby try again…..” goes over how to escape from a container to take over the underlying node.

This room is a sequel of Frank & Herby make an app which is also Kubernetes themed.

2024 Northeast CCDC

This post goes over some of our methodology & rationale when we created this year’s (2024) Northeast Collegiate Cyber Defense League competition environment.

Topics that I’m planning to cover

I also have another post going through the CTF challenges we released

K8s LAN Party

Warning Spoilers!

This walkthrough goes over the 5 Kubernetes LAN Party challenges created by wiz.io.

https://k8slanparty.com/

2024 Northeast CCDC Challenges

Warning Spoilers!

Challenges

This writeup goes over the challenges created by the Black Team leading up to the 2024 Northeastern CCDC Competition.

There were a total of 4 challenges:

I also go into our thought process when making the challenges.

TryHackMe 'Frank & Herby make an app'

Learn how the misconfiguration of containers can lead to opportunities for some and disasters for others.

https://tryhackme.com/room/frankandherby

TryHackMe Insekube

Exploiting Kubernetes by leveraging a Grafana LFI vulnerability

https://tryhackme.com/room/insekube

TryHackMe Umbrella

Breach Umbrella Corp’s time-tracking server by exploiting misconfigurations around containerisation.

https://tryhackme.com/room/umbrella

CloudGoat RDS Snapshot

Warning Spoilers!

This is a write up the CloudGoat scenario rds_snapshot scenario and was created by the Best of the Best 12th CGV Team (Yong Siwoo, Park Do Kyu, Park Seo Hyun, Jung Ho Shim, Chae Jinsoo).

ArgoCD GitHub SSO

This post goes over how to setup single sign on ArgoCD. I use GitHub for the OAuth client but any client should also work.