Offensive Operations in Kubernetes and GKE
- Training Duration : 12 Hours (4 Hours * 3-day)
- Training Dates & Time : 24th Apr – 26th Apr ‘26 (4:30 PM GMT to 8:30 PM GMT)
- Mode : Online
- Level : Beginner to Intermediate
- Price: $99
- Hands-on, lab-driven bootcamp focused on offensive security in Docker, Kubernetes, and GKE
- Learn to exploit misconfigurations, exposed services, and weak identities for initial access
- Perform privilege escalation, persistence, defense evasion, and data exfiltration in real scenarios
- Perform privilege escalation, persistence, defense evasion, and data exfiltration in real scenarios
- Execute lateral movement across Kubernetes clusters and cloud environments
- Explore Kubernetes + GCP IAM attack paths to escalate privileges and pivot within cloud infrastructure
The Agenda is divided across 3 sections, Please Find Below
- By the end of this training, participants will be able to:
- Map and analyze attack surfaces across Docker, Kubernetes, and GKE from an adversarial perspective.
- Enumerate and exploit Docker to achieve code execution, container escape, and host compromise.
- Perform reconnaissance and gain initial access to Kubernetes via unauthenticated and credential-based paths.
- Abuse Kubernetes authentication mechanisms to escalate privileges and expand access.
- Execute post-compromise operations in Kubernetes, including escalation, persistence, evasion, exfiltration, and lateral movement.
- Exploit Kubernetes–GCP trust relationships to escalate privileges and pivot across cloud and cluster resources.
Pre-requisites
Following are the requirements:
- Working knowledge of Docker and Kubernetes concepts is required (containers, pods, basic cluster operations).
- Familiarity with cloud environments, preferably GCP, is beneficial but not mandatory.
- Basic proficiency with Linux command-line and YAML configuration files.
- Understanding of networking fundamentals (IP addressing, ports, HTTP/HTTPS).
- Exposure to penetration testing or security assessments is advantageous, but not required.
Target Audience
- Red Teamers looking to develop offensive tradecraft against Docker, Kubernetes, and GKE environments
- Penetration Testers assessing modern containerized and cloud-native infrastructure
- Cloud Security Engineers responsible for securing Kubernetes and GCP-based deployments
- DevSecOps Engineers seeking to understand real-world attack paths in container and Kubernetes environments
- Security Researchers and Threat Hunters analyzing attacks targeting containers, Kubernetes, and cloud platforms
- Platform Engineers and Kubernetes Administrators who want to understand adversary techniques to better defend their clusters
Below are the Deliverables, Requirements and Exclusions
Requirements
- Laptop with a 64-bit (AMD64/x86_64) processor architecture, minimum 16 GB RAM and 60–80 GB free disk space
- Ability to run VMware Workstation Pro hypervisor
- A modern web browser and terminal environment
- [ Note: Systems with Apple Silicon (M-series) or other ARM-based CPUs are not supported ]
Exclusions
- 0-day exploits will not be covered
- Kubernetes and Docker foundational concepts are assumed and not covered in depth
- Application-layer vulnerabilities (e.g., OWASP Top 10, web app pentesting)
Deliverables
- Premium study materials
- 7-day lab access
- Completion certificate
Abhijeet Kumar
- Security researcher specializing in adversary simulations and advanced attack chains
- Designs multi-stage attacks from initial access to persistence and data exfiltration
- Hands-on experience across supply chains, Kubernetes, Active Directory, and cloud (AWS, Azure, GCP)
- Skilled in targeting *enterprise and NIX environments
- Actively researches adversary TTPs and emerging threats
- Enjoys reading, exploring cuisines, and home cooking
