Description
[Peirates](https://attack.mitre.org/software/S0683) is a post-exploitation Kubernetes exploitation framework with a focus on gathering service account tokens for lateral movement and privilege escalation. The tool is written in GoLang and publicly available on GitHub.(Citation: Peirates GitHub)
External References
Techniques Used by This Tool
- T1046 — Network Service Discovery
- T1078.004 — Cloud Accounts
- T1528 — Steal Application Access Token
- T1530 — Data from Cloud Storage
- T1550.001 — Application Access Token
- T1552.005 — Cloud Instance Metadata API
- T1552.007 — Container API
- T1609 — Container Administration Command
- T1610 — Deploy Container
- T1611 — Escape to Host
- T1613 — Container and Resource Discovery
- T1619 — Cloud Storage Object Discovery