Hacking and Securing Docker Containers v2.0

Name: Hacking and Securing Docker Containers v2.0
Rating: 4.5 (497 reviews)

Learn to hack and secure docker containers the easy way

Created bySrinivas .

Last updated 7/2021

English

What you'll learn

Fundamentals of Docker Images and Containers
How to build your first docker image
How to run your first docker container
Fundamentals of Container Security
Auditing docker containers using automated tools
Docker security fundamentals for Penetration Testers
Common container misconfigurations
Container security concepts that can be applied in DevSecOps pipelines
This course falls into the categories - Cyber Security, Ethical Hacking, Information Security

Course content

7 sections • 35 lectures • 2h 13m total length

Introduction1:20

Introduction0:35
What is Docker?2:03
Virtual Machines vs Containers2:10
Explain the differences between virtual machines and containers, noting that VMs run separate operating systems via hypervisors, while Docker containers share the host Linux kernel for a smaller footprint.
Virtual Machine Download0:21
Lab setup1:19
Building your first Docker Image3:59
Running your first Docker container5:21
Images vs Containers2:25
How Docker Images are stored locally15:10
Control Groups5:28
Namespaces - Part 15:16
Namespaces - Part 26:26

Introduction0:30
Docker Attack Surface2:38
Explore the Docker attack surface. Learn how Docker group users can elevate to root and how remote code execution, container escapes, and backdoored images threaten a cluster.
Exploiting vulnerable images5:15
Backdooring Docker Images7:30
Privilege Escalation6:10
Container breakout- Introduction0:39
Introduction to docker.sock1:39
Understand how the Docker socket and Unix socket enable Docker commands via the Docker daemon and Docker CLI, including remote access, mounting /var/run/docker.sock into containers, and the associated security risks.
Container escape using docker.sock5:31
Introduction to --privileged flag4:12
Compare a container with and without the Docker --privileged flag and view the expanded capabilities. Learn how an attacker could escape to the host.
Writing to kernel space from a container5:25
Writing to kernel space to get a reverse shell4:19
Accessing Docker Secrets4:05

Introduction0:26
Explore how automated tools audit Docker hosts, images, and containers, and shift from fundamentals and attacks to defenses across the rest of the course.
Scanning Docker Images3:11
Use trivia, a simple vulnerability scanner for containers, to perform static analysis on docker images, revealing 145 vulnerabilities, including the Heartbleed CVE 2014 0160, and showcasing its ci/cd relevance.
Auditing the environment using Docker Bench Security7:11

Requirements

This course starts from very basics and thus no Docker experience is required

Description

[Please note that the course is being heavily updated with more videos]

This is the latest version of our previous course Hacking and Securing Docker Containers. This course contains several updates to the previous version.

Updates include:

1. Detailed explanation of how docker images are locally stored

2. How to abuse CAP_SYS_MODULE and write a kernel module to escape the container and get a reverseshell.

3. Scanning Docker Images using Trivy

4. Docker Content Trust

5. 1080p quality videos (compared to 720p in previous version)

This course introduces students to the security concepts associated with Docker. Docker is a popular software and it is widely used in Information Technology Industry. It's popularity also brings a larger attack surface and thus it is important to understand it's security aspects to be able to protect Docker containers. This course is designed for students with any experience. If you never used Docker, its fine we have covered the basics. If you have used Docker for containerizing your applications, we have covered some advanced topics such as escaping from containers to host using misconfigured containers. Regardless of your experience with Docker, we have got you covered here.

Who this course is for:

IT Professionals using Docker containers
IT Professionals planning to use Docker containers
IT Professionals using any orchestration tool such as Docker Swarm, Kubernetes
Anyone who is interested in understanding Docker Security

Hacking and Securing Docker Containers v2.0

What you'll learn

Explore related topics

Course content

Introduction1 lecture • 1min

Fundamentals of Docker12 lectures • 51min

Hacking Docker Containers12 lectures • 48min

Automated Assessments3 lectures • 11min

Defenses5 lectures • 22min

Conclusion1 lecture • 1min

Bonus Section1 lecture • 1min

Requirements

Description

Who this course is for: