K8sploitation: Hacking Kubernetes the Fun Way

K8sploitation: Hacking Kubernetes the Fun Way

Level of Instruction: Intermediate

Instructed by: Marcelo Ribeiro, Jeff Jordan

Abstract:

Kubernetes is now at the heart of modern infrastructure, yet offensive security content targeting real-world K8s exploitation is still underrepresented—even at DEF CON. K8sploitation: Hacking Kubernetes the Fun Way fills that gap by diving deep into hands‑on Kubernetes hacking techniques including privilege escalation, lateral movement, and control plane compromise. In this workshop, we set aside the buzzwords and focus on practical attacks and defenses drawn from real adversary tradecraft. Whether you’re a red teamer looking to understand how attackers think or a defender seeking to shore up your cluster’s security, you’ll gain invaluable insights through live demos, guided labs, and lessons learned from enterprise and government security operations. This session bridges cloud‑native technology with hands‑on offensive security training in a way that’s rare, relevant, and overdue.