Skip to content

cado-security/CloudAndContainerCompromiseSimulator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits

bins

bins

 
 

licenses

licenses

 
 

logs

logs

 
 

LICENSE

LICENSE

 
 

ReadMe.md

ReadMe.md

 
 

Screenshot.png

Screenshot.png

 
 

cloud-yara.rules

cloud-yara.rules

 
 

setup.sh

setup.sh

 
 

setup_dont_install_docker.sh

setup_dont_install_docker.sh

 
 

Repository files navigation

Background

This can be used an easy way of simulating a cloud and container compromise - to trigger detections

It is inspired by Florian Roth's APTSimulator

This allows you to trigger detections without running real world malware. Still, do not run this on production systems as it can reduce their security.

How to Run

Copy the files to a Linux system and run:

  • chmod +x ./setup.sh
  • ./setup.sh

You can also clone the repository directly, for example you can run on Amazon Linux like this:

Screenshot

Tools Deployed

About

Simulates a compromise in a cloud and container environment

www.cadosecurity.com

Topics

kubernetes aws security cloud-security cloud-forensics kubernetes-security cloudforensics docker-forensics kubernetes-forensics aws-forensics azure-forensics container-forensics

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

32 stars

Watchers

6 watching

Forks

5 forks
Report repository

Releases 1

Forensic Images Latest
Jun 28, 2021

Packages

No packages published

Contributors 2

  •  
  •  

Languages