k3os + security tools
This is a collection of security tools customized for use in k3os.
See pwn-k8s for an exploitable example that can be used to trigger a number of the security rules.
# --- Gatekeeper (OPA-based admission controller) ---

# Install: register the chart repository, refresh the index, then install the
# chart as release "gatekeeper" into its own namespace.
helm repo add gatekeeper https://open-policy-agent.github.io/gatekeeper/charts
helm repo update
helm install gatekeeper/gatekeeper \
  --name-template=gatekeeper \
  -n gatekeeper-system \
  --create-namespace

# Uninstall: remove the "gatekeeper" release from its namespace.
helm uninstall gatekeeper -n gatekeeper-system

# Policy: load the "disallowanonymous" ConstraintTemplate from the
# gatekeeper-library repository. Gatekeeper must be installed when this runs,
# because the ConstraintTemplate kind is provided by Gatekeeper's CRDs.
# A ConstraintTemplate only defines a constraint kind; nothing is enforced
# until a matching Constraint object is created as well.
# NOTE(review): the URL follows the mutable `master` branch, so the applied
# manifest can change between runs. Pin it to a reviewed tag or commit
# (<PINNED_REF>) and read the manifest before applying it.
kubectl apply \
  --filename https://raw.githubusercontent.com/open-policy-agent/gatekeeper-library/master/library/general/disallowanonymous/template.yaml
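# --- Kyverno (Kubernetes policy engine / admission controller) ---

# Install: register the chart repository, refresh the index, then install the
# chart as release "kyverno" into its own namespace.
# replicaCount=1 requests a single Kyverno replica, so the admission webhook
# has no redundancy.
# NOTE(review): the value name for replica counts may differ between chart
# versions; confirm it against the chart version actually installed.
helm repo add kyverno https://kyverno.github.io/kyverno/
helm repo update
helm install kyverno kyverno/kyverno -n kyverno --create-namespace --set replicaCount=1

# Uninstall: `helm uninstall` accepts release names only. A chart reference
# such as kyverno/kyverno is treated as a second release name and rejected,
# so only the release name is passed here.
helm uninstall kyverno --namespace kyverno

# Policies: install the kyverno-policies chart as release "kyverno-policies".
# Kyverno itself must be installed when this runs, since the policies are
# Kyverno custom resources.
# NOTE(review): the chart's default is believed to be audit-only (violations
# are reported, not blocked); confirm the validation failure action in the
# chart values before relying on these policies for enforcement.
helm install kyverno-policies kyverno/kyverno-policies -n kyverno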
# --- Falco (runtime security monitoring) ---

# Install: register the chart repository, refresh the index, then install the
# chart as release "falco" into its own namespace, configured from the local
# ./values.yaml.
# NOTE(review): ./values.yaml is not shown here; it decides how Falco is
# configured, so review it before installing.
helm repo add falcosecurity https://falcosecurity.github.io/charts
helm repo update
helm install falco falcosecurity/falco \
  -n falco \
  --create-namespace \
  --values ./values.yaml

# Upgrade: re-apply ./values.yaml to the existing "falco" release, e.g. after
# editing the values file.
helm upgrade falco falcosecurity/falco \
  -n falco \
  --create-namespace \
  --values ./values.yaml

# Uninstall: remove the "falco" release from its namespace.
helm uninstall falco -n falco