mirror of
https://github.com/mukul975/Anthropic-Cybersecurity-Skills.git
synced 2026-07-17 13:15:16 +03:00
27c6414ca5
Complete skill folder anatomy across all cybersecurity skills: - scripts/agent.py: 80-150 line Python agents using real libraries (impacket, boto3, azure-mgmt-*, kubernetes, pefile, yara, scapy, shodan, stix2, etc.) - references/api-reference.md: real API documentation with method signatures - LICENSE: MIT license for all skill folders
1.7 KiB
1.7 KiB
API Reference: Detecting Privilege Escalation in Kubernetes Pods
Kubernetes Python Client API
| Method | Description |
|---|---|
CoreV1Api().list_pod_for_all_namespaces() |
List all pods across namespaces |
CoreV1Api().list_namespaced_pod(namespace) |
List pods in a specific namespace |
RbacAuthorizationV1Api().list_cluster_role_binding() |
List all ClusterRoleBindings |
RbacAuthorizationV1Api().list_namespaced_role_binding(ns) |
List RoleBindings in namespace |
Pod SecurityContext Fields
| Field | Risk |
|---|---|
privileged: true |
Full host access, container escape |
allowPrivilegeEscalation: true |
Enables setuid/setgid binaries |
runAsUser: 0 |
Container runs as root |
hostPID: true |
Access to host process namespace |
hostNetwork: true |
Access to host network stack |
capabilities.add: [SYS_ADMIN] |
Near-root capabilities |
Key Libraries
- kubernetes (
pip install kubernetes): Official Python client for Kubernetes API - config.load_kube_config(): Load kubeconfig from file for external access
- config.load_incluster_config(): Load service account config when running inside a pod
Configuration
| Variable | Description |
|---|---|
DANGEROUS_CAPABILITIES |
Linux capabilities that enable privilege escalation |
kubeconfig |
Path to Kubernetes configuration file |